CVE-2012-5975
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2012-5975
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
SSH Tectia Server 安全绕过漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SSH Tectia Server是商业性质的SSH服务器平台,适用于多种银行、保险等企业。 基于UNIX和Linux系统上的SSH Tectia Server 6.0.4至6.0.20、6.1.0至6.1.12、6.2.0至6.2.5以及6.3.0至6.3.2版本中的‘SSH USERAUTH CHANGE REQUEST’函数中存在漏洞。当old-style密码身份验证启用时,通过包含空密码条目的特制会话(如来自修改OpenSSH客户端带有添加sshconnect2.c中的‘input_useraut
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2012-5975
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2012-5975
Please Login to view more intelligence information
- 🔗 http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0013.htmlmailing-listx_refsource_FULLDISC
- 🔗 http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0065.htmlmailing-listx_refsource_FULLDISC
- https://nvd.nist.gov/vuln/detail/CVE-2012-5975
Same Patch Batch · n/a · 2012-12-04 · 6 CVEs total
| CVE-2012-6066 | freeSSHd freeSSHd.exe 身份验证绕过漏洞 | |
| CVE-2012-6067 | freeFTPd freeFTPd.exe 身份验证绕过漏洞 | |
| CVE-2012-5129 | Google Chrome OS 基于堆的缓冲区溢出漏洞 | |
| CVE-2012-5137 | Google Chrome 释放后使用漏洞 | |
| CVE-2012-5138 | Google Chrome 不正确处理文件路径漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM
V. Comments for CVE-2012-5975
No comments yet