OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote malicious users to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openssh 3.8.1p1 |
||
freebsd freebsd 5.3 |
||
freebsd freebsd 5.4 |