Unrated severityNVD Advisory· Published Sep 29, 2006· Updated Jun 16, 2026

CVE-2006-4925

Description

packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

OpenBSD/OpenSSH
cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*
OpenSSL Project/OpenSSLllm-fuzzy

Patches

Vulnerability mechanics

References

bugs.gentoo.org/show_bug.cginvdExploitPatch
secunia.com/advisories/22245nvd
secunia.com/advisories/22298nvd
secunia.com/advisories/22495nvd
secunia.com/advisories/23038nvd
www.mandriva.com/security/advisoriesnvd
www.novell.com/linux/security/advisories/2006_24_sr.htmlnvd
www.novell.com/linux/security/advisories/2006_62_openssh.htmlnvd
www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diffnvd
www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.htmlnvd
www.securityfocus.com/archive/1/447153/100/0/threadednvd
www.securityfocus.com/archive/1/447861/100/200/threadednvd
issues.rpath.com/browse/RPL-661nvd
issues.rpath.com/browse/RPL-681nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.012
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000