aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml/vuln.xml
diff options
context:
space:
mode:
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r--security/vuxml/vuln.xml63
1 files changed, 63 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index bff363c87144..505c25c16302 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,69 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="32db37a5-50c3-11db-acf3-000c6ec775d9">
+ <topic>openssh -- multiple vulnerabilities</topic>
+ <affects>
+ <system>
+ <name>FreeBSD</name>
+ <range><ge>6.1</ge><lt>6.1_10</lt></range>
+ <range><ge>6.0</ge><lt>6.0_15</lt></range>
+ <range><ge>5.5</ge><lt>5.5_8</lt></range>
+ <range><ge>5.4</ge><lt>5.4_22</lt></range>
+ <range><ge>5.0</ge><lt>5.3_37</lt></range>
+ <range><lt>4.11_25</lt></range>
+ </system>
+ <package>
+ <name>openssh</name>
+ <range><lt>4.4,1</lt></range>
+ </package>
+ <package>
+ <name>openssh-portable</name>
+ <range><lt>4.4.p1,1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <h1>Problem Description</h1>
+ <p>The CRC compensation attack detector in the sshd(8) daemon,
+ upon receipt of duplicate blocks, uses CPU time cubic in the
+ number of duplicate blocks received. [CVE-2006-4924]</p>
+ <p>A race condition exists in a signal handler used by the
+ sshd(8) daemon to handle the LoginGraceTime option, which
+ can potentially cause some cleanup routines to be executed
+ multiple times. [CVE-2006-5051]</p>
+ <h1>Impact</h1>
+ <p>An attacker sending specially crafted packets to sshd(8)
+ can cause a Denial of Service by using 100% of CPU time
+ until a connection timeout occurs. Since this attack can be
+ performed over multiple connections simultaneously, it is
+ possible to cause up to MaxStartups (10 by default) sshd
+ processes to use all the CPU time they can obtain.
+ [CVE-2006-4924]</p>
+ <p>The OpenSSH project believe that the race condition can
+ lead to a Denial of Service or potentially remote code
+ execution, but the FreeBSD Security Team has been unable to
+ verify the exact impact. [CVE-2006-5051]</p>
+ <h1>Workaround</h1>
+ <p>The attack against the CRC compensation attack detector can
+ be avoided by disabling SSH Protocol version 1 support in
+ sshd_config(5).</p>
+ <p>There is no workaround for the second issue.</p>
+ </body>
+ </description>
+ <references>
+ <bid>20216</bid>
+ <cvename>CVE-2006-4924</cvename>
+ <cvename>CVE-2006-5051</cvename>
+ <freebsdsa>SA-06:22.openssh</freebsdsa>
+ <url>http://www.openssh.com/txt/release-4.4</url>
+ </references>
+ <dates>
+ <discovery>2006-09-25</discovery>
+ <entry>2006-09-30</entry>
+ </dates>
+ </vuln>
+
<vuln vid="fcba5764-506a-11db-a5ae-00508d6a62df">
<topic>dokuwiki -- multiple vulnerabilities</topic>
<affects>