diff options
| author | simon <simon@FreeBSD.org> | 2006-10-01 04:52:35 +0800 |
|---|---|---|
| committer | simon <simon@FreeBSD.org> | 2006-10-01 04:52:35 +0800 |
| commit | d9710af4457cbd27d3b2359685e73df7a9ca850b (patch) | |
| tree | 2f8d5778b76c3a36bd486a29948a9c5d7d4e7f05 /security | |
| parent | 1380a03b02296e6cc1ed22a1e4d8eb934a7927a9 (diff) | |
| download | freebsd-ports-gnome-d9710af4457cbd27d3b2359685e73df7a9ca850b.tar.gz freebsd-ports-gnome-d9710af4457cbd27d3b2359685e73df7a9ca850b.tar.zst freebsd-ports-gnome-d9710af4457cbd27d3b2359685e73df7a9ca850b.zip | |
Document openssh -- multiple vulnerabilities AKA
FreeBSD-SA-06:22.openssh.
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index bff363c87144..505c25c16302 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,69 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="32db37a5-50c3-11db-acf3-000c6ec775d9"> + <topic>openssh -- multiple vulnerabilities</topic> + <affects> + <system> + <name>FreeBSD</name> + <range><ge>6.1</ge><lt>6.1_10</lt></range> + <range><ge>6.0</ge><lt>6.0_15</lt></range> + <range><ge>5.5</ge><lt>5.5_8</lt></range> + <range><ge>5.4</ge><lt>5.4_22</lt></range> + <range><ge>5.0</ge><lt>5.3_37</lt></range> + <range><lt>4.11_25</lt></range> + </system> + <package> + <name>openssh</name> + <range><lt>4.4,1</lt></range> + </package> + <package> + <name>openssh-portable</name> + <range><lt>4.4.p1,1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>Problem Description</h1> + <p>The CRC compensation attack detector in the sshd(8) daemon, + upon receipt of duplicate blocks, uses CPU time cubic in the + number of duplicate blocks received. [CVE-2006-4924]</p> + <p>A race condition exists in a signal handler used by the + sshd(8) daemon to handle the LoginGraceTime option, which + can potentially cause some cleanup routines to be executed + multiple times. [CVE-2006-5051]</p> + <h1>Impact</h1> + <p>An attacker sending specially crafted packets to sshd(8) + can cause a Denial of Service by using 100% of CPU time + until a connection timeout occurs. Since this attack can be + performed over multiple connections simultaneously, it is + possible to cause up to MaxStartups (10 by default) sshd + processes to use all the CPU time they can obtain. + [CVE-2006-4924]</p> + <p>The OpenSSH project believe that the race condition can + lead to a Denial of Service or potentially remote code + execution, but the FreeBSD Security Team has been unable to + verify the exact impact. [CVE-2006-5051]</p> + <h1>Workaround</h1> + <p>The attack against the CRC compensation attack detector can + be avoided by disabling SSH Protocol version 1 support in + sshd_config(5).</p> + <p>There is no workaround for the second issue.</p> + </body> + </description> + <references> + <bid>20216</bid> + <cvename>CVE-2006-4924</cvename> + <cvename>CVE-2006-5051</cvename> + <freebsdsa>SA-06:22.openssh</freebsdsa> + <url>http://www.openssh.com/txt/release-4.4</url> + </references> + <dates> + <discovery>2006-09-25</discovery> + <entry>2006-09-30</entry> + </dates> + </vuln> + <vuln vid="fcba5764-506a-11db-a5ae-00508d6a62df"> <topic>dokuwiki -- multiple vulnerabilities</topic> <affects> |