Описание
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-4924
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29158
- https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg
- https://issues.rpath.com/browse/RPL-661
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193
- http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability
- http://bugs.gentoo.org/show_bug.cgi?id=148228
- http://docs.info.apple.com/article.html?artnum=305214
- http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112
- http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
- http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
- http://secunia.com/advisories/21923
- http://secunia.com/advisories/22091
- http://secunia.com/advisories/22116
- http://secunia.com/advisories/22158
- http://secunia.com/advisories/22164
- http://secunia.com/advisories/22183
- http://secunia.com/advisories/22196
- http://secunia.com/advisories/22208
- http://secunia.com/advisories/22236
- http://secunia.com/advisories/22245
- http://secunia.com/advisories/22270
- http://secunia.com/advisories/22298
- http://secunia.com/advisories/22352
- http://secunia.com/advisories/22362
- http://secunia.com/advisories/22487
- http://secunia.com/advisories/22495
- http://secunia.com/advisories/22823
- http://secunia.com/advisories/22926
- http://secunia.com/advisories/23038
- http://secunia.com/advisories/23241
- http://secunia.com/advisories/23340
- http://secunia.com/advisories/23680
- http://secunia.com/advisories/24479
- http://secunia.com/advisories/24799
- http://secunia.com/advisories/24805
- http://secunia.com/advisories/25608
- http://secunia.com/advisories/29371
- http://secunia.com/advisories/34274
- http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc
- http://security.gentoo.org/glsa/glsa-200609-17.xml
- http://security.gentoo.org/glsa/glsa-200611-06.xml
- http://securitytracker.com/id?1016931
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566
- http://sourceforge.net/forum/forum.php?forum_id=681763
- http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1
- http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm
- http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm
- http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html
- http://www.debian.org/security/2006/dsa-1189
- http://www.debian.org/security/2006/dsa-1212
- http://www.kb.cert.org/vuls/id/787448
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:179
- http://www.novell.com/linux/security/advisories/2006_24_sr.html
- http://www.novell.com/linux/security/advisories/2006_62_openssh.html
- http://www.openbsd.org/errata.html#ssh
- http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html
- http://www.osvdb.org/29152
- http://www.redhat.com/support/errata/RHSA-2006-0697.html
- http://www.redhat.com/support/errata/RHSA-2006-0698.html
- http://www.securityfocus.com/archive/1/447153/100/0/threaded
- http://www.securityfocus.com/bid/20216
- http://www.trustix.org/errata/2006/0054
- http://www.ubuntu.com/usn/usn-355-1
- http://www.us-cert.gov/cas/techalerts/TA07-072A.html
- http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
- http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
- http://www.vupen.com/english/advisories/2006/3777
- http://www.vupen.com/english/advisories/2006/4401
- http://www.vupen.com/english/advisories/2006/4869
- http://www.vupen.com/english/advisories/2007/0930
- http://www.vupen.com/english/advisories/2007/1332
- http://www.vupen.com/english/advisories/2007/2119
- http://www.vupen.com/english/advisories/2009/0740
EPSS
CVE ID
Связанные уязвимости
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, all ...
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
EPSS