packet.c in ssh in OpenSSH allows remote malicious users to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openssh 4.5 |