Family: Debian Local Security Checks --> Category: infos
[DSA1212] DSA-1212-1 openssh Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Two denial of service problems have been found in the OpenSSH
server. The Common Vulnerabilities and Exposures project identifies the
The sshd support for SSH protocol version 1 does not properly
handle duplicate incoming blocks. This could allow a remote
attacker to cause sshd to consume significant CPU resources
leading to a denial of service.
A signal handler race condition could potentially allow a remote
attacker to crash sshd and could theoretically lead to the
ability to execute arbitrary code.
For the stable distribution (sarge), these problems have been fixed in
For the unstable and testing distributions, these problems have been
fixed in version 1:4.3p2-4.
We recommend that you upgrade your openssh package.
Solution: http://www.debian.org/security/2006/dsa-1212
Threat Level: High