CVE-2010-5107 - Denial of Service vulnerability in OpenSSH

047910
CVSS 5.0 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL

Summary

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

Vulnerable Configurations

Part          Description   Count
Application   Openbsd       189

Nessus

  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2013-1591.NASL
    description: Updated openssh packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSH is OpenBSD
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 71007
    published: 2013-11-21
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/71007
    title: RHEL 6 : openssh (RHSA-2013:1591)
  • NASL family: Denial of Service
    NASL id: OPENSSH_LOGINGRACE_DOS.NASL
    description: According to its banner, a version of OpenSSH earlier than version 6.2 is listening on this port. The default configuration of OpenSSH installs before 6.2 could allow a remote attacker to bypass the LoginGraceTime and MaxStartups thresholds by periodically making a large number of new TCP connections and thereby prevent legitimate users from gaining access to the service. Note that this plugin has not tried to exploit the issue or detect whether the remote service uses a vulnerable configuration. Instead, it has simply checked the version of OpenSSH running on the remote host.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67140
    published: 2013-07-03
    reporter: This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/67140
    title: OpenSSH LoginGraceTime / MaxStartups DoS
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2013-1527.NASL
    description: An updated rhev-hypervisor6 package that fixes multiple security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 78979
    published: 2014-11-08
    reporter: This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/78979
    title: RHEL 6 : rhev-hypervisor6 (RHSA-2013:1527)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20131121_OPENSSH_ON_SL6_X.NASL
    description: The default OpenSSH configuration made it easy for remote attackers to exhaust unauthorized connection slots and prevent other users from being able to log in to a system. This flaw has been addressed by enabling random early connection drops by setting MaxStartups to 10:30:100 by default. For more information, refer to the sshd_config(5) man page. (CVE-2010-5107)
    last seen: 2020-03-18
    modified: 2013-12-04
    plugin id: 71196
    published: 2013-12-04
    reporter: This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/71196
    title: Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20131121)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2016-3521.NASL
    description: Description of changes: [4.3p2-82.0.1] - change default value of MaxStartups - CVE-2010-5107 (John Haxby) [orabug 22766491]
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 88981
    published: 2016-02-26
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/88981
    title: Oracle Linux 5 : openssh (ELSA-2016-3521)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-2212.NASL
    description: This update changes default of MaxStartups to 10:30:100 to start doing random early drop at 10 connections up to 100 connections - CVE-2010-5107 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-02-13
    plugin id: 64604
    published: 2013-02-13
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/64604
    title: Fedora 18 : openssh-6.1p1-5.fc18 (2013-2212)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2013-1591.NASL
    description: Updated openssh packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSH is OpenBSD
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 79164
    published: 2014-11-12
    reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/79164
    title: CentOS 6 : openssh (CESA-2013:1591)
  • NASL family: NewStart CGSL Local Security Checks
    NASL id: NEWSTART_CGSL_NS-SA-2019-0146_OPENSSH-LATEST.NASL
    description: The remote NewStart CGSL host, running version MAIN 4.05, has openssh-latest packages installed that are affected by multiple vulnerabilities:
      - scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice. (CVE-2006-0225)
      - sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. (CVE-2006-4924)
      - Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. (CVE-2006-5051)
      - Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist. (CVE-2006-5794)
      - Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information. (CVE-2007-3102)
      - The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632. (CVE-2010-4755)
      - The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections. (CVE-2010-5107)
      - It was found that OpenSSH did not properly handle certain AcceptEnv parameter values with wildcard characters. A remote attacker could use this flaw to bypass intended environment variable restrictions. (CVE-2014-2532)
      - It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record. (CVE-2014-2653)
      - It was found that when OpenSSH was used in a Kerberos environment, remote authenticated users were allowed to log in as a different user if they were listed in the ~/.k5users file of that user, potentially bypassing intended authentication restrictions. (CVE-2014-9278)
      - It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attacks. (CVE-2015-5600)
      - It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root. (CVE-2015-8325)
      - An information leak flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to leak portions of memory (possibly including private SSH keys) of a successfully authenticated OpenSSH client. (CVE-2016-0777)
      - An access flaw was discovered in OpenSSH; the OpenSSH client did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested. (CVE-2016-1908)
      - A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses. (CVE-2016-6210)
      Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 127415
    published: 2019-08-12
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/127415
    title: NewStart CGSL MAIN 4.05 : openssh-latest Multiple Vulnerabilities (NS-SA-2019-0146)
  • NASL family: F5 Networks Local Security Checks
    NASL id: F5_BIGIP_SOL14741.NASL
    description: The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections. (CVE-2010-5107)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 84450
    published: 2015-06-30
    reporter: This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/84450
    title: F5 Networks BIG-IP : OpenSSH vulnerability (K14741)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_OPENSSH-130716.NASL
    description: This update for OpenSSH provides the following fixes :
      - Implement remote denial of service hardening. (bnc#802639, CVE-2010-5107)
      - Use only FIPS 140-2 approved algorithms when FIPS mode is detected. (bnc#755505, bnc#821039)
      - Do not link OpenSSH binaries with LDAP libraries. (bnc#826906)
    last seen: 2020-06-05
    modified: 2013-08-16
    plugin id: 69375
    published: 2013-08-16
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/69375
    title: SuSE 11.2 Security Update : OpenSSH (SAT Patch Number 8078)
  • NASL family: OracleVM Local Security Checks
    NASL id: ORACLEVM_OVMSA-2016-0030.NASL
    description: The remote OracleVM system is missing necessary patches to address critical security updates :
      - change default value of MaxStartups - CVE-2010-5107 (John Haxby)
      - improve RNG seeding from /dev/random (#681291,#708056)
      - make ssh(1)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 89020
    published: 2016-02-29
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/89020
    title: OracleVM 3.2 : openssh (OVMSA-2016-0030)
  • NASL family: NewStart CGSL Local Security Checks
    NASL id: NEWSTART_CGSL_NS-SA-2019-0036_OPENSSH.NASL
    description: The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssh packages installed that are affected by multiple vulnerabilities:
      - scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice. (CVE-2006-0225)
      - sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. (CVE-2006-4924)
      - Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. (CVE-2006-5051)
      - Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist. (CVE-2006-5794)
      - Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information. (CVE-2007-3102)
      - The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632. (CVE-2010-4755)
      - The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections. (CVE-2010-5107)
      - It was found that OpenSSH did not properly handle certain AcceptEnv parameter values with wildcard characters. A remote attacker could use this flaw to bypass intended environment variable restrictions. (CVE-2014-2532)
      Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 127206
    published: 2019-08-12
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/127206
    title: NewStart CGSL CORE 5.04 / MAIN 5.04 : openssh Multiple Vulnerabilities (NS-SA-2019-0036)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201405-06.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201405-06 (OpenSSH: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could execute arbitrary code, cause a Denial of Service condition, obtain sensitive information, or bypass environment restrictions. Workaround : There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 73958
    published: 2014-05-12
    reporter: This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/73958
    title: GLSA-201405-06 : OpenSSH: Multiple vulnerabilities
  • NASL family: OracleVM Local Security Checks
    NASL id: ORACLEVM_OVMSA-2016-0038.NASL
    description: The remote OracleVM system is missing necessary patches to address critical security updates :
      - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (#1245969)
      - CVE-2016-3115: missing sanitisation of input for X11 forwarding (#1317816)
      - SSH2_MSG_DISCONNECT for user initiated disconnect follow RFC 4253 (#1222500)
      - Add missing dot in ssh manual page (#1197763)
      - Fix minor problems found by covscan/gcc (#1196063)
      - Add missing options in man ssh (#1197763)
      - Add KbdInteractiveAuthentication documentation to man sshd_config (#1109251)
      - Correct freeing newkeys structure when privileged monitor exits (#1208584)
      - Fix problems with failing persistent connections (#1131585)
      - Fix memory leaks in auditing patch (#1208584)
      - Better approach to logging sftp commands in chroot
      - Make sshd -T write all config options and add missing Cipher, MAC to man (#1109251)
      - Add missing ControlPersist option to man ssh (#1197763)
      - Add sftp option to force mode of created files (#1191055)
      - Do not load RSA1 keys in FIPS mode (#1197072)
      - Add missing support for ECDSA in ssh-keyscan (#1196331)
      - Fix coverity/gcc issues (#1196063)
      - Backport wildcard functionality for PermitOpen in sshd_config file (#1159055)
      - Ability to specify an arbitrary LDAP filter in ldap.conf (#1119506)
      - Fix ControlPersist option with ProxyCommand (#1160487)
      - Backport fix of ssh-keygen with error : gethostname: File name too long (#1161454)
      - Backport show remote address instead of UNKNOWN after timeout at password prompt (#1161449)
      - Fix printing of extensions in v01 certificates (#1093869)
      - Fix confusing audit trail for unsuccessful logins (#1127312)
      - Don
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90076
    published: 2016-03-22
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90076
    title: OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0038)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2013-1591.NASL
    description: From Red Hat Security Advisory 2013:1591 : Updated openssh packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSH is OpenBSD
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 71129
    published: 2013-11-29
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/71129
    title: Oracle Linux 6 : openssh (ELSA-2013-1591)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2013-051.NASL
    description: A vulnerability has been found and corrected in openssh : The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections (CVE-2010-5107). The updated packages have been patched to correct this issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 66065
    published: 2013-04-20
    reporter: This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/66065
    title: Mandriva Linux Security Advisory : openssh (MDVSA-2013:051)
  • NASL family: OracleVM Local Security Checks
    NASL id: ORACLEVM_OVMSA-2016-0033.NASL
    description: The remote OracleVM system is missing necessary patches to address critical security updates : - change default value of MaxStartups - CVE-2010-5107 (John Haxby)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 89817
    published: 2016-03-10
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/89817
    title: OracleVM 2.2 : openssh (OVMSA-2016-0033)
  • NASL family: AIX Local Security Checks
    NASL id: AIX_OPENSSH_ADVISORY2.NASL
    description: The version of OpenSSH running on the remote host is affected by a denial of service vulnerability. The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 73558
    published: 2014-04-16
    reporter: This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/73558
    title: AIX OpenSSH Advisory : openssh_advisory2.asc
  • NASL family: Solaris Local Security Checks
    NASL id: SOLARIS11_SSH_20130716.NASL
    description: The remote Solaris system is missing necessary patches to address security updates :
      - The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections. (CVE-2010-5107)
      - The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory. (CVE-2012-0814)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 80775
    published: 2015-01-19
    reporter: This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/80775
    title: Oracle Solaris Third-Party Patch Update : ssh (cve_2010_5107_denial_of)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-2206.NASL
    description: This update changes default of MaxStartups to 10:30:100 to start doing random early drop at 10 connections up to 100 connections - CVE-2010-5107 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-02-26
    plugin id: 64883
    published: 2013-02-26
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/64883
    title: Fedora 17 : openssh-5.9p1-29.fc17 (2013-2206)

Oval

  • accepted: 2014-01-06T04:00:23.370-05:00
    class: vulnerability
    contributors
    • name: Chandan M C
      organization: Hewlett-Packard
    definition_extensions
    • comment: IBM AIX 5.3 is installed
      oval: oval:org.mitre.oval:def:5325
    • comment: IBM AIX 6.1 is installed
      oval: oval:org.mitre.oval:def:5267
    • comment: IBM AIX 7.1 is installed
      oval: oval:org.mitre.oval:def:18828
    description: The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
    family: unix
    id: oval:org.mitre.oval:def:19515
    status: accepted
    submitted: 2013-11-18T10:06:56.357-05:00
    title: AIX OpenSSH Vulnerability
    version: 49
  • accepted: 2015-04-20T04:01:33.588-04:00
    class: vulnerability
    contributors
    • name: Ganesh Manal
      organization: Hewlett-Packard
    • name: Sushant Kumar Singh
      organization: Hewlett-Packard
    • name: Sushant Kumar Singh
      organization: Hewlett-Packard
    • name: Prashant Kumar
      organization: Hewlett-Packard
    • name: Mike Cokus
      organization: The MITRE Corporation
    description: The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
    family: unix
    id: oval:org.mitre.oval:def:19595
    status: accepted
    submitted: 2013-11-22T11:43:28.000-05:00
    title: HP-UX Running HP Secure Shell, Remote Denial of Service (DoS)
    version: 49

Redhat

advisories
bugzilla
id: 974096
title: Kerberos ticket forwarding does not work if /tmp is polyinstantiated
oval
OR
  • comment: Red Hat Enterprise Linux must be installed
    oval: oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment: Red Hat Enterprise Linux 6 is installed
      oval: oval:com.redhat.rhba:tst:20111656003
    • OR
      • AND
        • comment: openssh-ldap is earlier than 0:5.3p1-94.el6
          oval: oval:com.redhat.rhsa:tst:20131591001
        • comment: openssh-ldap is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20120884010
      • AND
        • comment: pam_ssh_agent_auth is earlier than 0:0.9.3-94.el6
          oval: oval:com.redhat.rhsa:tst:20131591003
        • comment: pam_ssh_agent_auth is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20120884012
      • AND
        • comment: openssh-clients is earlier than 0:5.3p1-94.el6
          oval: oval:com.redhat.rhsa:tst:20131591005
        • comment: openssh-clients is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20120884002
      • AND
        • comment: openssh-server is earlier than 0:5.3p1-94.el6
          oval: oval:com.redhat.rhsa:tst:20131591007
        • comment: openssh-server is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20120884006
      • AND
        • comment: openssh is earlier than 0:5.3p1-94.el6
          oval: oval:com.redhat.rhsa:tst:20131591009
        • comment: openssh is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20120884004
      • AND
        • comment: openssh-askpass is earlier than 0:5.3p1-94.el6
          oval: oval:com.redhat.rhsa:tst:20131591011
        • comment: openssh-askpass is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20120884008
rhsa
id: RHSA-2013:1591
released: 2013-11-20
severity: Low
title: RHSA-2013:1591: openssh security, bug fix, and enhancement update (Low)
rpms
  • rhev-hypervisor6-0:6.5-20131115.0.3.2.el6_5
  • openssh-0:5.3p1-94.el6
  • openssh-askpass-0:5.3p1-94.el6
  • openssh-clients-0:5.3p1-94.el6
  • openssh-debuginfo-0:5.3p1-94.el6
  • openssh-ldap-0:5.3p1-94.el6
  • openssh-server-0:5.3p1-94.el6
  • pam_ssh_agent_auth-0:0.9.3-94.el6

Seebug

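bulletinFamily: exploit
description: BUGTRAQ ID: 58162 CVE(CAN) ID: CVE-2010-5107 OpenSSH is an open-source implementation of the SSH protocol. The default server configuration of OpenSSH has a denial-of-service vulnerability in the way it manages connection slots; a remote attacker can exploit this vulnerability to exhaust the connection slots on the server and trigger a denial of service. 0 OpenSSH <= 2.9.9 Vendor patch: OpenSSH ------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.openssh.com/
id: SSV:60656
last seen: 2017-11-19
modified: 2013-02-28
published: 2013-02-28
reporter: Root
title: OpenSSH default server configuration denial-of-service vulnerability (CVE-2010-5107)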