Re: OpenSSH Vulnerability

• Previous message: Ryan Veety: "Re: OpenSSH Vulnerability"
• In reply to: Alexander E. Cuttergo: "Re: OpenSSH Vulnerability"
• Next in thread: Ryan Veety: "Re: OpenSSH Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 18 Sep 2003 20:57:06 +0200
To: vuln-dev@securityfocus.com

On Thu, Sep 18, 2003 at 11:35:21AM -0700, Alexander E. Cuttergo wrote:

<snip>
> It would be easier to exploit out-of-memory condition. But it requires
> additional bug to consume all memory on an attacked host. By default, sshd
> allows only 10 unauthenticated sessions, so by sshd you can only consume ca
> 20MBx10=200MB, which is not enough.

Is it also true when running sshd by inetd (-i) ?

cu

-- 
---------------------------------------------------------------------
 Enrico Weigelt    ==   metux IT services
 phone:     +49 36207 519931         www:       http://www.metux.de/     
 fax:       +49 36207 519932         email:     contact@metux.de
 cellphone: +49 174 7066481	     
---------------------------------------------------------------------
 Diese Mail wurde mit UUCP versandt.      http://www.metux.de/uucp/

• Previous message: Ryan Veety: "Re: OpenSSH Vulnerability"
• In reply to: Alexander E. Cuttergo: "Re: OpenSSH Vulnerability"
• Next in thread: Ryan Veety: "Re: OpenSSH Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: How to Troubleshoot Resource Consuming SSHD Process ... > Then how do I know which process is being forked and cost the SSHD to ... > consume that much resources? ... Have the logs shown any errors. ... (comp.sys.sun.admin) Re: How to Troubleshoot Resource Consuming SSHD Process ... Then how do I know which process is being forked and cost the SSHD to ... consume that much resources? ... (comp.sys.sun.admin)