7.8
CVE-2006-4924
- EPSS 34.67%
- Veröffentlicht 27.09.2006 01:07:00
- Zuletzt bearbeitet 16.06.2026 22:30:08
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 34.67% | 0.982 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
http://secunia.com/advisories/22196
http://secunia.com/advisories/23680
http://www.redhat.com/support/errata/RHSA-2006-0698.html
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://secunia.com/advisories/23340
http://docs.info.apple.com/article.html?artnum=305214
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://secunia.com/advisories/24479
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.vupen.com/english/advisories/2007/0930
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112
http://secunia.com/advisories/23241
http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm
http://www.vupen.com/english/advisories/2006/4869
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
http://secunia.com/advisories/22487
http://secunia.com/advisories/22298
http://www.novell.com/linux/security/advisories/2006_24_sr.html
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc
ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt
http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability
http://bugs.gentoo.org/show_bug.cgi?id=148228
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
http://secunia.com/advisories/21923
http://secunia.com/advisories/22091
http://secunia.com/advisories/22116
http://secunia.com/advisories/22158
http://secunia.com/advisories/22164
http://secunia.com/advisories/22183
http://secunia.com/advisories/22208
http://secunia.com/advisories/22236
http://secunia.com/advisories/22245
http://secunia.com/advisories/22270
http://secunia.com/advisories/22352
http://secunia.com/advisories/22362
http://secunia.com/advisories/22495
http://secunia.com/advisories/22823
http://secunia.com/advisories/22926
http://secunia.com/advisories/23038
http://secunia.com/advisories/24799
http://secunia.com/advisories/24805
http://secunia.com/advisories/25608
http://secunia.com/advisories/29371
http://secunia.com/advisories/34274
http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc
http://security.gentoo.org/glsa/glsa-200609-17.xml
http://security.gentoo.org/glsa/glsa-200611-06.xml
http://securitytracker.com/id?1016931
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566
http://sourceforge.net/forum/forum.php?forum_id=681763
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm
http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html
http://www.debian.org/security/2006/dsa-1189
http://www.debian.org/security/2006/dsa-1212
http://www.kb.cert.org/vuls/id/787448
http://www.mandriva.com/security/advisories?name=MDKSA-2006:179
http://www.novell.com/linux/security/advisories/2006_62_openssh.html
http://www.openbsd.org/errata.html#ssh
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html
http://www.osvdb.org/29152
http://www.redhat.com/support/errata/RHSA-2006-0697.html
http://www.securityfocus.com/archive/1/447153/100/0/threaded
http://www.securityfocus.com/bid/20216
http://www.trustix.org/errata/2006/0054
http://www.ubuntu.com/usn/usn-355-1
http://www.vupen.com/english/advisories/2006/3777
http://www.vupen.com/english/advisories/2006/4401
http://www.vupen.com/english/advisories/2007/1332
http://www.vupen.com/english/advisories/2007/2119
http://www.vupen.com/english/advisories/2009/0740
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955
https://exchange.xforce.ibmcloud.com/vulnerabilities/29158
https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg
https://issues.rpath.com/browse/RPL-661
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193