CVE-2006-4925

EPSS 3.4%

Published: 9/29/2006Modified: 4/28/2026

Description

packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.

Affected packages (1)

Debian/opensshfrom 0, < 1:5.1p1-5

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-4925