Mandrake Linux Security Advisory : openssh (MDKSA-2006:179)

high Nessus Plugin ID 24565

Synopsis

The remote Mandrake Linux host is missing one or more security updates.

Description

Tavis Ormandy of the Google Security Team discovered a Denial of Service vulnerability in the SSH protocol version 1 CRC compensation attack detector. This could allow a remote unauthenticated attacker to trigger excessive CPU utilization by sending a specially crafted SSH message, which would then deny ssh services to other users or processes (CVE-2006-4924, CVE-2006-4925). Please note that Mandriva ships with only SSH protocol version 2 enabled by default.

Next, an unsafe signal handler was found by Mark Dowd. This signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication DoS, and theoretically a pre-authentication remote code execution in the case where some authentication methods like GSSAPI are enabled (CVE-2006-5051).

Updated packages have been patched to correct this issue.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 24565

File Name: mandrake_MDKSA-2006-179.nasl

Version: 1.19

Type: local

Published: 2/18/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:openssh-server, p-cpe:/a:mandriva:linux:openssh-askpass, p-cpe:/a:mandriva:linux:openssh-clients, cpe:/o:mandriva:linux:2006, p-cpe:/a:mandriva:linux:openssh, cpe:/o:mandriva:linux:2007, p-cpe:/a:mandriva:linux:openssh-askpass-gnome, p-cpe:/a:mandriva:linux:openssh-askpass-common

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 10/3/2006

Reference Information

CVE: CVE-2006-4924, CVE-2006-4925, CVE-2006-5051, CVE-2008-4109

BID: 20216, 20241

CWE: 264, 362, 399

MDKSA: 2006:179