Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
5.9
CVSSv3

CVE-2025-26466

CVSSv4: NA | CVSSv3: 5.9 | CVSSv2: NA | VMScore: 690 | EPSS: 0.38965 | KEV: Not Included
Published: 28/02/2025 Updated: 28/02/2025

Vulnerability Summary

OpenSSH Denial of Service Vulnerability via Unbounded Ping Packet Allocation

A vulnerability has been discovered in the OpenSSH package that can cause a denial of service condition. When an SSH server receives ping packets, it creates and stores pong packets in a memory buffer. These packets remain in the queue until the server/client key exchange is complete. A malicious client can exploit this behavior by continuously sending ping packets, which causes uncontrolled memory consumption. As a result, the server's resources can be exhausted, potentially rendering the server unavailable and disrupting normal operations.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

red hat red hat enterprise linux 6

red hat red hat enterprise linux 7

red hat red hat enterprise linux 8

red hat red hat enterprise linux 9

red hat red hat openshift container platform 4

Mailing Lists

Full Disclosure: Re: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
Hey all, First of all, cool findings! I've been working on the CodeQL query and have a revised version that I think improves accuracy and might offer some performance gains (though I haven't done rigorous benchmarking) The key change is the use of `StackVariableReachability` and making sure that there's a path wher e `var` is not reassigned bef ...
Full Disclosure: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
Qualys Security Advisory CVE-2025-26465: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client CVE-2025-26466: DoS attack against OpenSSH's client and server ======================================================================== Contents ======================================================================== Summary Background Exper ...
Full Disclosure: Announce: OpenSSH 9.9p2 released
OpenSSH 99p2 has just been released It will be available from the mirrors listed at wwwopensshcom/ shortly OpenSSH is a 100% complete SSH protocol 20 implementation and includes sftp client and server support Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who co ...
Full Disclosure: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
Qualys Security Advisory CVE-2025-26465: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client CVE-2025-26466: DoS attack against OpenSSH's client and server ======================================================================== Contents ======================================================================== Summary Background Exper ...

Github Repositories

https://github.com/Theshield-crack/wazuh-SIEM-with-ubuntu-

wazuh-SIEM-with-ubuntu- This project demonstrates a practical implementation of Wazuh SIEM on Ubuntu Below are the key findings and tasks completed during this setup: Key Highlights: Installing and Deploying Wazuh Deploying Wazuh Agents on Ubuntu and Windows File Integrity Monitoring in Wazuh Detecting the Execution of Malicious Commands Detecting and Blocking SSH Brute-Force

https://github.com/jhonnybonny/CVE-2025-26466

OpenSSH server 9.5p1 - 9.9p1 DoS (PoC)

OpenSSH DoS Exploit (CVE-2025-26466) Description This exploit targets a denial-of-service (DoS) vulnerability in OpenSSH (CVE-2025-26466) The vulnerability allows unauthenticated attackers to consume excessive memory and CPU resources by sending a large number of specially crafted SSH2_MSG_PING packets during the key exchange process This can cause the SSH server to become u

https://github.com/rxerium/CVE-2025-26466

The OpenSSH client and server are vulnerable to a pre-authentication DoS attack between versions 9.5p1 to 9.9p1 (inclusive) that causes memory and CPU consumption

CVE-2025-26466 How does this detection method work? This template matches on the following vulnerable versions: - "SSH-20-OpenSSH_95p1" - "SSH-20-OpenSSH_96p1" - "SSH-20-OpenSSH_97p1" - "SSH-20-OpenSSH_98p1" - "SSH-20-OpenSSH_99p1"

https://github.com/Theshield-crack/wazuh-SIEM-with-ubuntu

wazuh-SIEM-with-ubuntu- This project demonstrates a practical implementation of Wazuh SIEM on Ubuntu Below are the key findings and tasks completed during this setup: Key Highlights: Installing and Deploying Wazuh Deploying Wazuh Agents on Ubuntu and Windows File Integrity Monitoring in Wazuh Detecting the Execution of Malicious Commands Detecting and Blocking SSH Brute-Force

Recent Articles

Microsoft testing fix for Windows 11 bug breaking SSH connections
BleepingComputer • Sergiu Gatlan • 20 Feb 2025

Microsoft testing fix for Windows 11 bug breaking SSH connections By Sergiu Gatlan February 20, 2025 08:19 AM 0 Microsoft is not testing a fix for a longstanding known issue that is breaking SSH connections on some Windows 11 22H2 and 23H2 systems. On Tuesday, Microsoft started rolling Windows 11 Build 26100.3321 (KB5052093) Insiders in the Release Preview Channel on Windows 11 24H2 (Build 26100) with a fix for this bug. When it first acknowledged the issue in November, the company explained it ...

Read more...
New OpenSSH flaws expose SSH servers to MiTM and DoS attacks
BleepingComputer • Bill Toulas • 18 Feb 2025

New OpenSSH flaws expose SSH servers to MiTM and DoS attacks By Bill Toulas February 18, 2025 12:07 PM 0 OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago. Qualys discovered both vulnerabilities and demonstrated their exploitability to OpenSSH's maintainers. OpenSSH (Open Secure Shell) is a free, open-source implementation of the SSH (Secure Shell) protocol, which p...

Read more...
FreSSH bugs undiscovered for years threaten OpenSSH security
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Exploit code now available for MitM and DoS attacks

Researchers can disclose two brand-new vulnerabilities in OpenSSH now that patches have been released. Qualys discovered the bugs in January, per its disclosure timeline. These vulnerabilities allow miscreants to perform machine-in-the-middle (MitM) attacks on the OpenSSH client and pre-authentication denial-of-service (DoS) attacks. Patches for CVE-2025-26465 and CVE-2025-26466 were released this morning. Although their respective severity scores (6.8 and 5.9) don't necessarily scream "patch me...

Read more...

References

CWE-400https://nvd.nist.govhttps://www.theregister.co.uk/2025/02/18/openssh_vulnerabilities_mitm_dos/https://github.com/jhonnybonny/CVE-2025-26466https://www.first.org/epsshttps://access.redhat.com/security/cve/CVE-2025-26466https://bugzilla.redhat.com/show_bug.cgi?id=2345043https://www.qualys.com/2025/02/18/openssh-mitm-dos.txthttps://security.netapp.com/advisory/ntap-20250228-0002/
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-42599CVE-2025-3808phpgurukulinsecure direct object referenceCVE-2025-3840CVE-2025-43967men salon management systemdenial of servicevirtuemart component for joomlapritunlLFICVE-2025-32433CVE-2022-47112
Home
/
Search Results
/
CVE-2025-26466
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook