CVE-2006-4924

Published: 27/09/2006 Updated: 17/10/2018
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 785
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

sshd in OpenSSH prior to 4.4, when using the version 1 SSH protocol, allows remote malicious users to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

Vulnerable Product

openbsd openssh 1.2.1

openbsd openssh 1.2.2

openbsd openssh 1.2.27

openbsd openssh 2.5.1

openbsd openssh 2.5.2

openbsd openssh 3.0.1

openbsd openssh 3.0.1p1

openbsd openssh 3.2.2

openbsd openssh 3.2.2p1

openbsd openssh 3.2.3p1

openbsd openssh 3.6

openbsd openssh 3.6.1

openbsd openssh 3.8

openbsd openssh 3.8.1

openbsd openssh 4.2

openbsd openssh 4.2p1

openbsd openssh 1.2

openbsd openssh 2.3

openbsd openssh 2.5

openbsd openssh 2.9p2

openbsd openssh 3.0

openbsd openssh 3.1p1

openbsd openssh 3.2

openbsd openssh 3.5

openbsd openssh 3.5p1

openbsd openssh 3.7.1p1

openbsd openssh 3.7.1p2

openbsd openssh 4.0

openbsd openssh 4.0p1

openbsd openssh 4.1p1

openbsd openssh 1.2.3

openbsd openssh 2.1

openbsd openssh 2.9

openbsd openssh 2.9.9

openbsd openssh 3.0.2

openbsd openssh 3.0.2p1

openbsd openssh 3.3

openbsd openssh 3.3p1

openbsd openssh 3.6.1p1

openbsd openssh 3.6.1p2

openbsd openssh 3.8.1p1

openbsd openssh 3.9

openbsd openssh 4.3

openbsd openssh 4.3p1

openbsd openssh 2.1.1

openbsd openssh 2.2

openbsd openssh 2.9.9p2

openbsd openssh 2.9p1

openbsd openssh 3.0p1

openbsd openssh 3.1

openbsd openssh 3.4

openbsd openssh 3.4p1

openbsd openssh 3.7

openbsd openssh 3.7.1

openbsd openssh 3.9.1

openbsd openssh 3.9.1p1

Vendor Advisories

Debian Bug report logs - #389995: CVE-2006-4924: DoS vulnerability in openssh server. Package: openssh; Maintainer for openssh is Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>; Reported by: Stefan Fritsch <sf@sfritsch.de>; Date: Thu, 28 Sep 2006 20:03:10 UTC; Severity: important; Tags: patch, security; Found in ...

Tavis Ormandy discovered that the SSH daemon did not properly handle authentication packets with duplicated blocks. By sending specially crafted packets, a remote attacker could exploit this to cause the ssh daemon to drain all available CPU resources until the login grace time expired (CVE-2006-4924) ...

Several remote vulnerabilities have been discovered in OpenSSH, a free implementation of the Secure Shell protocol, which may lead to denial of service and potentially the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-4924: Tavis Ormandy of the Google Security Team disc ...

Two denial of service problems have been found in the OpenSSH server. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-4924: The sshd support for ssh protocol version 1 does not properly handle duplicate incoming blocks. This could allow a remote attacker to cause sshd to consume signif ...

Exploits

#!/bin/bash
#
# OpenSSH CRC compensation attack detection DoS PoC
# Tavis Ormandy <taviso@google.com>
#
# Yes, I really did implement crc-32 in bash
#
# usage: script <hostname>
# victim hostname
hostname=${1:-localhost}
port=${2:-22}
# where the fifo is created to communicate with netcat
fifo=/tmp/nc$$
# make the fifos
mkfifo $ ...

References

CWE-399
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955
http://www.securityfocus.com/bid/20216
http://secunia.com/advisories/22091
http://bugs.gentoo.org/show_bug.cgi?id=148228
http://security.gentoo.org/glsa/glsa-200609-17.xml
http://securitytracker.com/id?1016931
http://secunia.com/advisories/21923
http://secunia.com/advisories/22164
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc
http://www.redhat.com/support/errata/RHSA-2006-0698.html
http://www.redhat.com/support/errata/RHSA-2006-0697.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566
http://www.ubuntu.com/usn/usn-355-1
http://secunia.com/advisories/22158
http://secunia.com/advisories/22183
http://secunia.com/advisories/22196
http://secunia.com/advisories/22236
http://www.debian.org/security/2006/dsa-1189
http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc
http://www.trustix.org/errata/2006/0054
http://www.kb.cert.org/vuls/id/787448
http://www.osvdb.org/29152
http://secunia.com/advisories/22270
http://secunia.com/advisories/22116
http://secunia.com/advisories/22208
http://secunia.com/advisories/22245
http://www.openbsd.org/errata.html#ssh
http://www.novell.com/linux/security/advisories/2006_24_sr.html
http://secunia.com/advisories/22352
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html
http://secunia.com/advisories/22362
http://www.novell.com/linux/security/advisories/2006_62_openssh.html
http://secunia.com/advisories/22495
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
http://secunia.com/advisories/22487
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
http://security.gentoo.org/glsa/glsa-200611-06.xml
http://secunia.com/advisories/22823
http://www.debian.org/security/2006/dsa-1212
http://secunia.com/advisories/22926
http://secunia.com/advisories/23038
http://secunia.com/advisories/23241
http://secunia.com/advisories/22298
http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm
http://secunia.com/advisories/23340
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://secunia.com/advisories/23680
https://issues.rpath.com/browse/RPL-661
http://secunia.com/advisories/24479
http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html
http://secunia.com/advisories/24805
http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability
http://sourceforge.net/forum/forum.php?forum_id=681763
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:179
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://secunia.com/advisories/25608
http://secunia.com/advisories/24799
ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt
http://secunia.com/advisories/29371
https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg
http://www.vupen.com/english/advisories/2009/0740
http://secunia.com/advisories/34274
http://www.vupen.com/english/advisories/2007/0930
http://www.vupen.com/english/advisories/2007/1332
http://www.vupen.com/english/advisories/2006/4869
http://www.vupen.com/english/advisories/2006/3777
http://www.vupen.com/english/advisories/2007/2119
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112
http://www.vupen.com/english/advisories/2006/4401
http://docs.info.apple.com/article.html?artnum=305214
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/29158
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462
http://www.securityfocus.com/archive/1/447153/100/0/threaded
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389995
https://usn.ubuntu.com/355-1/
https://nvd.nist.gov
https://www.exploit-db.com/exploits/2444/
https://www.kb.cert.org/vuls/id/787448