What is CVE-2006-5229?

CVE-2006-5229 is a vulnerability in N/a. Published 2006-10-10.

Is CVE-2006-5229 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-5229

OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for vali…

EPSS: 0.566 (98.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

25979 (x_refsource_SECUNIA, third-party-advisory)
20061014 Re: yet another OpenSSH timing leak? (mailing-list, x_refsource_BUGTRAQ)
20061009 yet another OpenSSH timing leak? (mailing-list, x_refsource_BUGTRAQ)
20061010 Re: yet another OpenSSH timing leak? (mailing-list, x_refsource_BUGTRAQ)
ADV-2007-2545 (vdb-entry, x_refsource_VUPEN)
20418 (vdb-entry, x_refsource_BID)
20061009 Re: yet another OpenSSH timing leak? (mailing-list, x_refsource_BUGTRAQ)
32721 (x_refsource_OSVDB, vdb-entry)
www.sybsecurity.com/hack-proventia-1.pdf (x_refsource_MISC)

Frequently asked questions

What is CVE-2006-5229?: CVE-2006-5229 is a vulnerability in N/a. Published 2006-10-10.
Is CVE-2006-5229 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.