PT-2016-1146 · Openssh+2 · Openssh+2
Ben Hawkes
·
Publicado
2016-01-19
·
Atualizado
2024-07-08
·
CVE-2016-1907
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
OpenSSH versions prior to 7.1p2
Description
The issue is related to the
ssh packet read poll2 function in the packet.c file, which allows remote attackers to cause a denial of service due to an out-of-bounds read and application crash via crafted network traffic. This is caused by a buffer overflow.Recommendations
For OpenSSH versions prior to 7.1p2, update to version 7.1p2 or later to resolve the issue. As a temporary workaround, consider restricting access to the
ssh packet read poll2 function until a patch is available.Exploit
Correção
DoS
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Openssh
Ubuntu