{"id":"CVE-2005-2798","details":"sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.","modified":"2026-04-10T03:38:11.743889Z","published":"2005-09-06T17:03:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/16686"},{"type":"ADVISORY","url":"http://secunia.com/advisories/17077"},{"type":"ADVISORY","url":"http://secunia.com/advisories/17245"},{"type":"ADVISORY","url":"http://secunia.com/advisories/18010"},{"type":"ADVISORY","url":"http://secunia.com/advisories/18406"},{"type":"ADVISORY","url":"http://secunia.com/advisories/18507"},{"type":"ADVISORY","url":"http://secunia.com/advisories/18661"},{"type":"ADVISORY","url":"http://secunia.com/advisories/18717"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:172"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/0144"},{"type":"FIX","url":"http://secunia.com/advisories/16686"},{"type":"WEB","url":"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt"},{"type":"WEB","url":"http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html"},{"type":"WEB","url":"http://securitytracker.com/id?1014845"},{"type":"WEB","url":"http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"},{"type":"WEB","url":"http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm"},{"type":"WEB","url":"http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html"},{"type":"WEB","url":"http://www.osvdb.org/19141"},{"type":"WEB","url":"http://www.redhat.com/support/errata/RHSA-2005-527.html"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/421411/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/bid/14729"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1345"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1566"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9717"},{"type":"WEB","url":"https://usn.ubuntu.com/209-1/"}],"schema_version":"1.7.5"}