[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-4924Date: (C)2006-09-26   (M)2023-12-22


sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1016931
SUNALERT-102962
2006-0054
http://www.securityfocus.com/archive/1/archive/1/447153/100/0/threaded
20061001-01-P
BID-20216
SECUNIA-21923
SECUNIA-22091
SECUNIA-22116
SECUNIA-22158
SECUNIA-22164
SECUNIA-22183
SECUNIA-22196
SECUNIA-22208
SECUNIA-22236
SECUNIA-22245
SECUNIA-22270
SECUNIA-22298
SECUNIA-22352
SECUNIA-22362
SECUNIA-22487
SECUNIA-22495
SECUNIA-22823
SECUNIA-22926
SECUNIA-23038
SECUNIA-23241
SECUNIA-23340
SECUNIA-23680
SECUNIA-24479
SECUNIA-24799
SECUNIA-24805
SECUNIA-25608
OSVDB-29152
SECUNIA-29371
SECUNIA-34274
ADV-2006-3777
ADV-2006-4401
ADV-2006-4869
ADV-2007-0930
ADV-2007-1332
ADV-2007-2119
ADV-2009-0740
APPLE-SA-2007-03-13
DSA-1189
DSA-1212
FreeBSD-SA-06:22
FreeBSD-SA-06:22.openssh
GLSA-200609-17
GLSA-200611-06
HPSBUX02178
IAVM:2012-A-0136
MDKSA-2006:179
OpenPKG-SA-2006.022
RHSA-2006:0697
RHSA-2006:0698
SCOSA-2008.2
SSA:2006-272-02
SSRT061267
SUSE-SA:2006:062
SUSE-SR:2006:024
TA07-072A
USN-355-1
VU#787448
http://www.openbsd.org/errata.html#ssh
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html
http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability
http://bugs.gentoo.org/show_bug.cgi?id=148228
http://docs.info.apple.com/article.html?artnum=305214
http://sourceforge.net/forum/forum.php?forum_id=681763
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955
https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg
https://issues.rpath.com/browse/RPL-661
openssh-block-dos(29158)

CPE    56
cpe:/a:openbsd:openssh:1.2.3
cpe:/a:openbsd:openssh:1.2.2
cpe:/a:openbsd:openssh:1.2.1
cpe:/a:openbsd:openssh:3.7.1p2
...
CWE    1
CWE-399

© SecPod Technologies