CVE-2006-4924 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4924
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4924

Description: sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29158 UBUNTU http://www.ubuntu.com/usn/usn-355-1 TRUSTIX http://www.trustix.org/errata/2006/0054 SUSE http://www.novell.com/linux/security/advisories/2006_24_sr.html http://www.novell.com/linux/security/advisories/2006_62_openssh.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1 ST 1016931 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566 SGI SCO SAID Secunia Advisory: SA29371 Secunia Advisory: SA24799 Secunia Advisory: SA25608 Secunia Advisory: SA24805 Secunia Advisory: SA24479 Secunia Advisory: SA23680 Secunia Advisory: SA23038 Secunia Advisory: SA23241 Secunia Advisory: SA22298 Secunia Advisory: SA23340 Secunia Advisory: SA22823 Secunia Advisory: SA22926 Secunia Advisory: SA22495 Secunia Advisory: SA22487 Secunia Advisory: SA22362 Secunia Advisory: SA22245 Secunia Advisory: SA22352 Secunia Advisory: SA22116 Secunia Advisory: SA22208 Secunia Advisory: SA22236 Secunia Advisory: SA22270 Secunia Advisory: SA22183 Secunia Advisory: SA22196 Secunia Advisory: SA22164 Secunia Advisory: SA22158 Secunia Advisory: SA21923 Secunia Advisory: SA22091 Secunia Advisory: SA34274 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0697.html http://www.redhat.com/support/errata/RHSA-2006-0698.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1193 OSVDB 29152 OPENPKG http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html OPENBSD http://www.openbsd.org/errata.html#ssh MLIST http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=115939141729160&w=2 MISC MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:179 HP http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112 GENTOO http://security.gentoo.org/glsa/glsa-200611-06.xml http://security.gentoo.org/glsa/glsa-200609-17.xml FREEBSD http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc DEBIAN http://www.debian.org/security/2006/dsa-1189 http://www.debian.org/security/2006/dsa-1212 CONFIRM http://sourceforge.net/forum/forum.php?forum_id=681763 http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability http://docs.info.apple.com/article.html?artnum=305214 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html http://bugs.gentoo.org/show_bug.cgi?id=148228 CERT-VN 787448 CERT http://www.us-cert.gov/cas/techalerts/TA07-072A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447153/100/0/threaded BID 20216 APPLE http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

Return to the previous page.