ClearOS Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


CVE 2006-5794

'Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.'

ClearCenter response

Short response

This CVE is addressed in a backported fix to ClearOS. ClearOS 5.x systems were never vulnerable to this bug.

Long response

Previous fixes before the release of ClearOS 5 addressed this issue. ClearOS does not increment version numbers in order to maintain dependencies between subsystems. The audit system has not taken into account ClearOS minor version numbers which correctly represent the fix to the system.

ClearOS has backported fixes to this problem. All versions of ClearOS 5.x are not vulnerable to this issue. ClearOS 6 and later are also not affected by this issue.

Resolution

No action required.

content/en_us/announcements_cve_cve-2006-5794.txt · Last modified: 2014/12/22 10:35 by dloper

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Aannouncements_cve_cve-2006-5794&1558381543