logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2016-10708

Description

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.


Affected Software


CPE Name Name Version
openbsd:openssh openbsd openssh 7.4
debian:debian_linux debian debian linux 7.0
debian:debian_linux debian debian linux 8.0
canonical:ubuntu_linux canonical ubuntu linux 14.04
canonical:ubuntu_linux canonical ubuntu linux 16.04
canonical:ubuntu_linux canonical ubuntu linux 18.04
netapp:data_ontap netapp data ontap -
netapp:clustered_data_ontap netapp clustered data ontap -
netapp:data_ontap_edge netapp data ontap edge -
netapp:oncommand_unified_manager netapp oncommand unified manager *
netapp:cloud_backup netapp cloud backup -
netapp:storagegrid_webscale netapp storagegrid webscale -
netapp:storagegrid netapp storagegrid -
netapp:service_processor netapp service processor -
netapp:vasa_provider netapp vasa provider -

Related