Bug#389995: CVE-2006-4924: DoS vulnerability in openssh server

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#389995: CVE-2006-4924: DoS vulnerability in openssh server
From: Stefan Fritsch <sf@sfritsch.de>
Date: Thu, 28 Sep 2006 21:08:04 +0200
Message-id: <[🔎] 20060928190804.6167.72704.reportbug@k.lan>
Reply-to: Stefan Fritsch <sf@sfritsch.de>, 389995@bugs.debian.org

Package: openssh
Version: 1:4.3p2-3
Severity: important
Tags: security patch



A denial of service (cpu consumption) vulnerability has been found in openssh if
protocol 1 is enabled.

See 
http://secunia.com/advisories/22091/
for details and patches.

AFAICS protocol 1 is disabled by default, therefore severity important.
If I am mistaken (sarge?), please adjust to grave.

Reply to:

Follow-Ups:
- Bug#389995: marked as done (CVE-2006-4924: DoS vulnerability in openssh server)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#369395: openssh-server: should /etc/pam.d/ssh read /etc/default/locale?
Next by Date: Processed: tagging 388946
Previous by thread: Bug#369395: openssh-server: should /etc/pam.d/ssh read /etc/default/locale?
Next by thread: Bug#389995: marked as done (CVE-2006-4924: DoS vulnerability in openssh server)
Index(es):
- Date
- Thread