PT-2006-1929 · Freebsd+1 · Openam+2

William M. Grim · Published 2006-03-07 · Updated 2024-07-08 · CVE-2006-0883

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

OpenSSH on FreeBSD versions 5.3 through 5.4

Description

The issue arises when OpenSSH on FreeBSD is used with OpenPAM and a forked child process terminates during PAM authentication. This allows remote attackers to cause a denial of service by connecting multiple times to the SSH server, waiting for the password prompt, and then disconnecting.

Recommendations

For OpenSSH on FreeBSD versions 5.3 through 5.4, consider restricting access to the SSH server or implementing measures to limit the number of concurrent connections as a temporary workaround until a patch is available.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

ALT-PU-2024-3921
ALT-PU-2024-4077
ALT-PU-2024-4467
ALT-PU-2024-9513
CVE-2006-0883

Affected Products

Alt Linux
Openam
Openssh