CVE-2005-2797
OpenSSH < 4.2 - Unintended GatewayPorts Activation via Dynamic Port Forwarding
Title source: llmDescription
OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
References (12)
Core 12
Core References
Various Sources vendor-advisory
x_refsource_sco
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19243
Mailing List vendor-advisory
x_refsource_openpkg
http://marc.info/?l=bugtraq&m=112605977304049&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/19142
Various Sources vendor-advisory
x_refsource_sco
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18661
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18010
Patch, Vendor Advisory mailing-list
x_refsource_mlist
http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html
Vendor Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/14727
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014845
Patch third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/16686
Scores
EPSS
0.0071
EPSS Percentile
72.5%
Details
Status
published
Products (1)
openbsd/openssh
4.0
Published
Sep 06, 2005
Tracked Since
Feb 18, 2026