7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.939 High
EPSS
Percentile
98.9%
This security advisory describes an OpenSSH version 1 vulnerability. When using version SSH version 1 protocol, remote attacks cause a denial of service attack when the sshd process is used in OpenSSH versions previous to version 4.4. This occurs when using an SSH packet that contains duplicate blocks. The SSH packets that contain duplicate blocks are not handled correctly by the CRC compensation attack detector, which results in high CPU consumption.
Information about this advisory is available at the following location:
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924>