On Sat, 30 Sep 2006, FreeBSD Security Advisories wrote:
III. Impact
An attacker sending specially crafted packets to sshd(8) can cause a
Denial of Service by using 100% of CPU time until a connection timeout
occurs. Since this attack can be performed over multiple connections
simultaneously, it is possible to cause up to MaxStartups (10 by default)
sshd processes to use all the CPU time they can obtain. [CVE-2006-4924]
The OpenSSH project believe that the race condition can lead to a Denial
of Service or potentially remote code execution, but the FreeBSD Security
Team has been unable to verify the exact impact. [CVE-2006-5051]
IV. Workaround
The attack against the CRC compensation attack detector can be avoided
by disabling SSH Protocol version 1 support in sshd_config(5).
There is no workaround for the second issue.
Doesn't TCP wrappers restriction mitigate or work around this issue or
is it done too late ?
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
