exploitDog

CVE-2014-8475

Опубликовано: 18 нояб. 2014

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attackers to cause a denial of service (sshd deadlock and prevention of new connections) by ending multiple connections before authentication is completed.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:9.2:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01683

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-17

Связанные уязвимости

CVE-2014-8475

debian

около 11 лет назад

FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos suppo ...

GHSA-xc4v-2r8x-72gh

github

больше 3 лет назад

FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attackers to cause a denial of service (sshd deadlock and prevention of new connections) by ending multiple connections before authentication is completed.

EPSS

Процентиль: 82%

0.01683

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-17