CVE-2011-5000

NameCVE-2011-5000
DescriptionThe ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
openssh (PTS)bullseye1:8.4p1-5+deb11u3fixed
bullseye (security)1:8.4p1-5+deb11u5fixed
bookworm, bookworm (security)1:9.2p1-2+deb12u5fixed
trixie1:10.0p1-2fixed
sid1:10.0p1-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
opensshsourcesqueeze1:5.5p1-6+squeeze4
opensshsource(unstable)1:5.9p1-1

Notes

looking at the code an additional integer overflow check was added in at least 5.9
Search for package or bug name: Reporting problems