OpenSSH Denial Of Service Vulnerability Network Vulnerability

Summary

OpenSSH is prone to a remote denial-of-service vulnerability.

Impact

Exploiting this issue allows remote attackers to trigger denial-of- service conditions.

Solution

Updates are available.

Insight

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

Affected

OpenSSH 6.1 and prior

Detection

Compare the version retrieved from the banner with the affected range.

References

http://www.openssh.com
http://www.securityfocus.com/bid/58162

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-5107

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)
Apple Safari 'Webkit' Information Disclosure Vulnerability (Mac OS X)
Apple Safari 'SRC' Remote Denial Of Service Vulnerability
Adobe Flash Media Server Video Stream Capture Security Issue
Apache Tomcat Multiple Vulnerabilities - 01 Mar14

OpenSSH Denial of Service Vulnerability

Take action and discover your vulnerabilities