Lucene search

K
f5F5SOL6881
HistoryDec 11, 2006 - 12:00 a.m.

SOL6881 - SSHv1 vulnerabilities CVE-2006-4924

2006-12-1100:00:00
support.f5.com
39

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.939 High

EPSS

Percentile

98.9%

This security advisory describes an OpenSSH version 1 vulnerability. When using version SSH version 1 protocol, remote attacks cause a denial of service attack when the sshd process is used in OpenSSH versions previous to version 4.4. This occurs when using an SSH packet that contains duplicate blocks. The SSH packets that contain duplicate blocks are not handled correctly by the CRC compensation attack detector, which results in high CPU consumption.

Information about this advisory is available at the following location:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924&gt;

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.939 High

EPSS

Percentile

98.9%