Vulnerability Name:

CVE-2005-2797 (CCN-22115)

Assigned:2005-09-02
Published:2005-09-02
Updated:2016-12-08
Summary:OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: CCN
Type: OpenSSH FTP Download Web page
FTP page

Source: SCO
Type: UNKNOWN
SCOSA-2006.11

Source: SCO
Type: UNKNOWN
SCOSA-2005.53

Source: MITRE
Type: CNA
CVE-2005-2797

Source: OPENPKG
Type: UNKNOWN
OpenPKG-SA-2005.019

Source: CCN
Type: SA16686
OpenSSH Two Security Issues

Source: SECUNIA
Type: Patch
16686

Source: SECUNIA
Type: UNKNOWN
18010

Source: CCN
Type: SA18661
Avaya Intuity Audix Two OpenSSH Security Issues

Source: SECUNIA
Type: UNKNOWN
18661

Source: SECUNIA
Type: UNKNOWN
19243

Source: CCN
Type: SECTRACK ID: 1014845
OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases

Source: SECTRACK
Type: UNKNOWN
1014845

Source: SECUNIA
Type: UNKNOWN
18661

Source: CCN
Type: ASA-2006-033
OpenSSH Multiple Vulnerabilities (SCOSA-2005.53)

Source: MLIST
Type: Patch, Vendor Advisory
[openssh-unix-announce] 20050901 Announce: OpenSSH 4.2 released

Source: CCN
Type: OpenPKG-SA-2005.019
OpenSSH

Source: OSVDB
Type: UNKNOWN
19142

Source: CCN
Type: OSVDB ID: 19142
OpenSSH Multiple X11 Channel Forwarding Leaks

Source: BID
Type: UNKNOWN
14727

Source: CCN
Type: BID-14727
OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability

Source: XF
Type: UNKNOWN
openssh-gatewayports-security-bypass(22115)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openbsd:openssh:4.0:-:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:openbsd:openssh:4.0:-:*:*:*:*:*:*
  • AND
  • cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20052797
    V
    		CVE-2005-2797
    2015-11-16
    BACK
    openbsd openssh 4.0
    openbsd openssh 4.0
    openpkg openpkg current