PT-2006-1929 · Freebsd+1 · Openam+2
William M. Grim
·
Published
2006-03-07
·
Updated
2024-07-08
·
CVE-2006-0883
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
OpenSSH on FreeBSD versions 5.3 through 5.4
Description
The issue arises when OpenSSH on FreeBSD is used with OpenPAM and a forked child process terminates during PAM authentication. This allows remote attackers to cause a denial of service by connecting multiple times to the SSH server, waiting for the password prompt, and then disconnecting.
Recommendations
For OpenSSH on FreeBSD versions 5.3 through 5.4, consider restricting access to the SSH server or implementing measures to limit the number of concurrent connections as a temporary workaround until a patch is available.
Exploit
Fix
DoS
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Openam
Openssh