Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-4924

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

Published

2006-09-27T01:07:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.8 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

6.9

Weaknesses

Type: Primary
CWE-399

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	openbsd	openssh	1.2	Yes
Application	openbsd	openssh	1.2.1	Yes
Application	openbsd	openssh	1.2.2	Yes
Application	openbsd	openssh	1.2.3	Yes
Application	openbsd	openssh	1.2.27	Yes
Application	openbsd	openssh	2.1	Yes
Application	openbsd	openssh	2.1.1	Yes
Application	openbsd	openssh	2.2	Yes
Application	openbsd	openssh	2.3	Yes
Application	openbsd	openssh	2.5	Yes
Application	openbsd	openssh	2.5.1	Yes
Application	openbsd	openssh	2.5.2	Yes
Application	openbsd	openssh	2.9	Yes
Application	openbsd	openssh	2.9.9	Yes
Application	openbsd	openssh	2.9.9p2	Yes
Application	openbsd	openssh	2.9p1	Yes
Application	openbsd	openssh	2.9p2	Yes
Application	openbsd	openssh	3.0	Yes
Application	openbsd	openssh	3.0.1	Yes
Application	openbsd	openssh	3.0.1p1	Yes
Application	openbsd	openssh	3.0.2	Yes
Application	openbsd	openssh	3.0.2p1	Yes
Application	openbsd	openssh	3.0p1	Yes
Application	openbsd	openssh	3.1	Yes
Application	openbsd	openssh	3.1p1	Yes
Application	openbsd	openssh	3.2	Yes
Application	openbsd	openssh	3.2.2	Yes
Application	openbsd	openssh	3.2.2p1	Yes
Application	openbsd	openssh	3.2.3p1	Yes
Application	openbsd	openssh	3.3	Yes
Application	openbsd	openssh	3.3p1	Yes
Application	openbsd	openssh	3.4	Yes
Application	openbsd	openssh	3.4p1	Yes
Application	openbsd	openssh	3.5	Yes
Application	openbsd	openssh	3.5p1	Yes
Application	openbsd	openssh	3.6	Yes
Application	openbsd	openssh	3.6.1	Yes
Application	openbsd	openssh	3.6.1p1	Yes
Application	openbsd	openssh	3.6.1p2	Yes
Application	openbsd	openssh	3.7	Yes
Application	openbsd	openssh	3.7.1	Yes
Application	openbsd	openssh	3.7.1p1	Yes
Application	openbsd	openssh	3.7.1p2	Yes
Application	openbsd	openssh	3.8	Yes
Application	openbsd	openssh	3.8.1	Yes
Application	openbsd	openssh	3.8.1p1	Yes
Application	openbsd	openssh	3.9	Yes
Application	openbsd	openssh	3.9.1	Yes
Application	openbsd	openssh	3.9.1p1	Yes
Application	openbsd	openssh	4.0	Yes
Application	openbsd	openssh	4.0p1	Yes
Application	openbsd	openssh	4.1p1	Yes
Application	openbsd	openssh	4.2	Yes
Application	openbsd	openssh	4.2p1	Yes
Application	openbsd	openssh	4.3	Yes
Application	openbsd	openssh	4.3p1	Yes

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc ([email protected])
ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc ([email protected])
http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability ([email protected])
http://bugs.gentoo.org/show_bug.cgi?id=148228 ([email protected])
http://docs.info.apple.com/article.html?artnum=305214 ([email protected])
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112 ([email protected])
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112 ([email protected])
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html ([email protected])
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 ([email protected])
http://secunia.com/advisories/21923 Vendor Advisory ([email protected])
http://secunia.com/advisories/22091 Vendor Advisory ([email protected])
http://secunia.com/advisories/22116 Vendor Advisory ([email protected])
http://secunia.com/advisories/22158 Vendor Advisory ([email protected])
http://secunia.com/advisories/22164 Vendor Advisory ([email protected])
http://secunia.com/advisories/22183 Vendor Advisory ([email protected])
http://secunia.com/advisories/22196 Vendor Advisory ([email protected])
http://secunia.com/advisories/22208 Vendor Advisory ([email protected])
http://secunia.com/advisories/22236 Vendor Advisory ([email protected])
http://secunia.com/advisories/22245 Vendor Advisory ([email protected])
http://secunia.com/advisories/22270 Vendor Advisory ([email protected])
http://secunia.com/advisories/22298 Vendor Advisory ([email protected])
http://secunia.com/advisories/22352 Vendor Advisory ([email protected])
http://secunia.com/advisories/22362 Vendor Advisory ([email protected])
http://secunia.com/advisories/22487 Vendor Advisory ([email protected])
http://secunia.com/advisories/22495 Vendor Advisory ([email protected])
http://secunia.com/advisories/22823 Vendor Advisory ([email protected])
http://secunia.com/advisories/22926 Vendor Advisory ([email protected])
http://secunia.com/advisories/23038 Vendor Advisory ([email protected])
http://secunia.com/advisories/23241 Vendor Advisory ([email protected])
http://secunia.com/advisories/23340 Vendor Advisory ([email protected])
http://secunia.com/advisories/23680 ([email protected])
http://secunia.com/advisories/24479 ([email protected])
http://secunia.com/advisories/24799 ([email protected])
http://secunia.com/advisories/24805 ([email protected])
http://secunia.com/advisories/25608 ([email protected])
http://secunia.com/advisories/29371 ([email protected])
http://secunia.com/advisories/34274 ([email protected])
http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc ([email protected])
http://security.gentoo.org/glsa/glsa-200609-17.xml ([email protected])
http://security.gentoo.org/glsa/glsa-200611-06.xml ([email protected])
http://securitytracker.com/id?1016931 ([email protected])
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566 ([email protected])
http://sourceforge.net/forum/forum.php?forum_id=681763 ([email protected])
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227 ([email protected])
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1 ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm ([email protected])
http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html ([email protected])
http://www.debian.org/security/2006/dsa-1189 Patch ([email protected])
http://www.debian.org/security/2006/dsa-1212 Patch ([email protected])
http://www.kb.cert.org/vuls/id/787448 US Government Resource ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:179 ([email protected])
http://www.novell.com/linux/security/advisories/2006_24_sr.html ([email protected])
http://www.novell.com/linux/security/advisories/2006_62_openssh.html ([email protected])
http://www.openbsd.org/errata.html#ssh ([email protected])
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html ([email protected])
http://www.osvdb.org/29152 ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0697.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0698.html ([email protected])
http://www.securityfocus.com/archive/1/447153/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/20216 Exploit, Patch ([email protected])
http://www.trustix.org/errata/2006/0054 ([email protected])
http://www.ubuntu.com/usn/usn-355-1 ([email protected])
http://www.us-cert.gov/cas/techalerts/TA07-072A.html US Government Resource ([email protected])
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html ([email protected])
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html ([email protected])
http://www.vupen.com/english/advisories/2006/3777 ([email protected])
http://www.vupen.com/english/advisories/2006/4401 ([email protected])
http://www.vupen.com/english/advisories/2006/4869 ([email protected])
http://www.vupen.com/english/advisories/2007/0930 ([email protected])
http://www.vupen.com/english/advisories/2007/1332 ([email protected])
http://www.vupen.com/english/advisories/2007/2119 ([email protected])
http://www.vupen.com/english/advisories/2009/0740 ([email protected])
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955 Patch, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/29158 ([email protected])
https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg ([email protected])
https://issues.rpath.com/browse/RPL-661 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193 ([email protected])
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc (af854a3a-2127-422b-91ae-364da2661108)
ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt (af854a3a-2127-422b-91ae-364da2661108)
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc (af854a3a-2127-422b-91ae-364da2661108)
http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability (af854a3a-2127-422b-91ae-364da2661108)
http://bugs.gentoo.org/show_bug.cgi?id=148228 (af854a3a-2127-422b-91ae-364da2661108)
http://docs.info.apple.com/article.html?artnum=305214 (af854a3a-2127-422b-91ae-364da2661108)
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112 (af854a3a-2127-422b-91ae-364da2661108)
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112 (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21923 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22091 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22116 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22158 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22164 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22183 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22196 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22208 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22236 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22245 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22270 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22298 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22352 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22362 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22487 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22495 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22823 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22926 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23038 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23241 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23340 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23680 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24479 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24799 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24805 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25608 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29371 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/34274 (af854a3a-2127-422b-91ae-364da2661108)
http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200609-17.xml (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200611-06.xml (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1016931 (af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566 (af854a3a-2127-422b-91ae-364da2661108)
http://sourceforge.net/forum/forum.php?forum_id=681763 (af854a3a-2127-422b-91ae-364da2661108)
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227 (af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1 (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm (af854a3a-2127-422b-91ae-364da2661108)
http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1189 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1212 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/787448 US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:179 (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_24_sr.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_62_openssh.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.openbsd.org/errata.html#ssh (af854a3a-2127-422b-91ae-364da2661108)
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/29152 (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0697.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0698.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/447153/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/20216 Exploit, Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.trustix.org/errata/2006/0054 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-355-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA07-072A.html US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3777 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/4401 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/4869 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/0930 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/1332 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/2119 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/0740 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29158 (af854a3a-2127-422b-91ae-364da2661108)
https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg (af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-661 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193 (af854a3a-2127-422b-91ae-364da2661108)