CVE-2006-4924

First published: Wed Sep 27 2006(Updated: )

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Openbsd Openssh	=3.8
Openbsd Openssh	=3.8.1p1
Openbsd Openssh	=3.2.2
Openbsd Openssh	=3.1
Openbsd Openssh	=3.0.2p1
Openbsd Openssh	=3.8.1
Openbsd Openssh	=2.1.1
Openbsd Openssh	=3.7.1p2
Openbsd Openssh	=3.2.3p1
Openbsd Openssh	=3.1p1
Openbsd Openssh	=2.5.1
Openbsd Openssh	=2.9.9p2
Openbsd Openssh	=3.6.1p2
Openbsd Openssh	=3.9
Openbsd Openssh	=3.0
Openbsd Openssh	=1.2.1
Openbsd Openssh	=2.2
Openbsd Openssh	=3.2
Openbsd Openssh	=3.6
Openbsd Openssh	=1.2.3
Openbsd Openssh	=3.7
Openbsd Openssh	=4.0p1
Openbsd Openssh	=3.5p1
Openbsd Openssh	=3.0.1p1
Openbsd Openssh	=3.7.1p1
Openbsd Openssh	=2.1
Openbsd Openssh	=1.2
Openbsd Openssh	=3.3
Openbsd Openssh	=3.2.2p1
Openbsd Openssh	=3.9.1p1
Openbsd Openssh	=3.0.2
Openbsd Openssh	=3.4p1
Openbsd Openssh	=3.6.1p1
Openbsd Openssh	=3.0.1
Openbsd Openssh	=2.9.9
Openbsd Openssh	=3.6.1
Openbsd Openssh	=4.1p1
Openbsd Openssh	=1.2.2
Openbsd Openssh	=4.2p1
Openbsd Openssh	=2.9p1
Openbsd Openssh	=2.9
Openbsd Openssh	=3.7.1
Openbsd Openssh	=1.2.27
Openbsd Openssh	=4.2
Openbsd Openssh	=2.5.2
Openbsd Openssh	=2.3
Openbsd Openssh	=3.4
Openbsd Openssh	=4.3p1
Openbsd Openssh	=3.5
Openbsd Openssh	=2.5
Openbsd Openssh	=3.0p1
Openbsd Openssh	=3.3p1
Openbsd Openssh	=4.3
Openbsd Openssh	=4.0
Openbsd Openssh	=3.9.1
Openbsd Openssh	=2.9p2

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/severity
agent/weakness
agent/author
agent/references
agent/tags
agent/type
agent/event
agent/description
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
vendor/openbsd
canonical/openbsd openssh
version/openbsd openssh/3.8
version/openbsd openssh/3.8.1p1
version/openbsd openssh/3.2.2
version/openbsd openssh/3.1
version/openbsd openssh/3.0.2p1
version/openbsd openssh/3.8.1
version/openbsd openssh/2.1.1
version/openbsd openssh/3.7.1p2
version/openbsd openssh/3.2.3p1
version/openbsd openssh/3.1p1
version/openbsd openssh/2.5.1
version/openbsd openssh/2.9.9p2
version/openbsd openssh/3.6.1p2
version/openbsd openssh/3.9
version/openbsd openssh/3.0
version/openbsd openssh/1.2.1
version/openbsd openssh/2.2
version/openbsd openssh/3.2
version/openbsd openssh/3.6
version/openbsd openssh/1.2.3
version/openbsd openssh/3.7
version/openbsd openssh/4.0p1
version/openbsd openssh/3.5p1
version/openbsd openssh/3.0.1p1
version/openbsd openssh/3.7.1p1
version/openbsd openssh/2.1
version/openbsd openssh/1.2
version/openbsd openssh/3.3
version/openbsd openssh/3.2.2p1
version/openbsd openssh/3.9.1p1
version/openbsd openssh/3.0.2
version/openbsd openssh/3.4p1
version/openbsd openssh/3.6.1p1
version/openbsd openssh/3.0.1
version/openbsd openssh/2.9.9
version/openbsd openssh/3.6.1
version/openbsd openssh/4.1p1
version/openbsd openssh/1.2.2
version/openbsd openssh/4.2p1
version/openbsd openssh/2.9p1
version/openbsd openssh/2.9
version/openbsd openssh/3.7.1
version/openbsd openssh/1.2.27
version/openbsd openssh/4.2
version/openbsd openssh/2.5.2
version/openbsd openssh/2.3
version/openbsd openssh/3.4
version/openbsd openssh/4.3p1
version/openbsd openssh/3.5
version/openbsd openssh/2.5
version/openbsd openssh/3.0p1
version/openbsd openssh/3.3p1
version/openbsd openssh/4.3
version/openbsd openssh/4.0
version/openbsd openssh/3.9.1
version/openbsd openssh/2.9p2

CVE-2006-4924

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact