CVE ID
CVE-2011-5000
DESCRIPTION
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier,
when gssapi-with-mic authentication is enabled, allows remote authenticated
users to cause a denial of service (memory consumption) via a large value in a
certain length field. NOTE: there may be limited scenarios in which this issue
is relevant.
CVSS2 Base Score 3.5
Impact: Low
RESOLUTION
Resolution:
This was fixed in samba-3.6.23-25.el6_7.x86_64 and later.
Apply Unitrends security update v10.29 from 07/27/2018 or later, containing samba-3.6.23-45.el6_9.x86_64