CVE-2006-4925

Publication date 29 September 2006

Last updated 24 July 2024


Ubuntu priority

packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
openssh 7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Fixed 4.2p1-7ubuntu3.1