CVE-2006-4925 - Affected OpenSSH Versions

Damien Miller djm at
Mon Dec 17 11:56:10 EST 2012

On Fri, 14 Dec 2012, David Aaron wrote:

> Comparison of
> to
> source codes, in conjunction with the changes shown at
> =1.144&r2=1.145&f=h, appear to shows that CVE-2006-4925 was fixed with
> the release of OpenSSH 4.5.
> However, can a list of OpenSSH versions which are/were affected by
> this CVE be supplied?
> I ask as there seems to be little in the way of documentation at
> regarding CVE-2006-4925.

That's because it isn't a security problem. An "attacker" can cause their
own connection to abort and no others.


More information about the openssh-unix-dev mailing list