sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

The remote NewStart CGSL host, running version MAIN 4.05, has openssh-latest packages installed that are affected by multiple vulnerabilities:

  - scp in OpenSSH 4.2p1 allows attackers to execute     arbitrary commands via filenames that contain shell     metacharacters or spaces, which are expanded twice.
    (CVE-2006-0225)

  - sshd in OpenSSH before 4.4, when using the version 1 SSH     protocol, allows remote attackers to cause a denial of     service (CPU consumption) via an SSH packet that     contains duplicate blocks, which is not properly handled     by the CRC compensation attack detector. (CVE-2006-4924)

  - Signal handler race condition in OpenSSH before 4.4     allows remote attackers to cause a denial of service     (crash), and possibly execute arbitrary code if GSSAPI     authentication is enabled, via unspecified vectors that     lead to a double-free. (CVE-2006-5051)

  - Unspecified vulnerability in the sshd Privilege     Separation Monitor in OpenSSH before 4.5 causes weaker     verification that authentication has been successful,     which might allow attackers to bypass authentication.
    NOTE: as of 20061108, it is believed that this issue is     only exploitable by leveraging vulnerabilities in the     unprivileged process, which are not known to exist.
    (CVE-2006-5794)

  - Unspecified vulnerability in the     linux_audit_record_event function in OpenSSH 4.3p2, as     used on Fedora Core 6 and possibly other systems, allows     remote attackers to write arbitrary characters to an     audit log via a crafted username. NOTE: some of these     details are obtained from third party information.
    (CVE-2007-3102)

  - The (1) remote_glob function in sftp-glob.c and the (2)     process_put function in sftp.c in OpenSSH 5.8 and     earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2,     OpenBSD 4.7, and other products, allow remote     authenticated users to cause a denial of service (CPU     and memory consumption) via crafted glob expressions     that do not match any pathnames, as demonstrated by glob     expressions in SSH_FXP_STAT requests to an sftp daemon,     a different vulnerability than CVE-2010-2632.
    (CVE-2010-4755)

  - The default configuration of OpenSSH through 6.1     enforces a fixed time limit between establishing a TCP     connection and completing a login, which makes it easier     for remote attackers to cause a denial of service     (connection-slot exhaustion) by periodically making many     new TCP connections. (CVE-2010-5107)

  - It was found that OpenSSH did not properly handle     certain AcceptEnv parameter values with wildcard     characters. A remote attacker could use this flaw to     bypass intended environment variable restrictions.
    (CVE-2014-2532)

  - It was discovered that OpenSSH clients did not correctly     verify DNS SSHFP records. A malicious server could use     this flaw to force a connecting client to skip the DNS     SSHFP record check and require the user to perform     manual host verification of the DNS SSHFP record.
    (CVE-2014-2653)

  - It was found that when OpenSSH was used in a Kerberos     environment, remote authenticated users were allowed to     log in as a different user if they were listed in the     ~/.k5users file of that user, potentially bypassing     intended authentication restrictions. (CVE-2014-9278)

  - It was discovered that the OpenSSH sshd daemon did not     check the list of keyboard-interactive authentication     methods for duplicates. A remote attacker could use this     flaw to bypass the MaxAuthTries limit, making it easier     to perform password guessing attacks. (CVE-2015-5600)

  - It was discovered that the OpenSSH sshd daemon fetched     PAM environment settings before running the login     program. In configurations with UseLogin=yes and the     pam_env PAM module configured to read user environment     settings, a local user could use this flaw to execute     arbitrary code as root. (CVE-2015-8325)

  - An information leak flaw was found in the way the     OpenSSH client roaming feature was implemented. A     malicious server could potentially use this flaw to leak     portions of memory (possibly including private SSH keys)     of a successfully authenticated OpenSSH client.
    (CVE-2016-0777)

  - An access flaw was discovered in OpenSSH; the OpenSSH     client did not correctly handle failures to generate     authentication cookies for untrusted X11 forwarding. A     malicious or compromised remote X application could     possibly use this flaw to establish a trusted connection     to the local X server, even if only untrusted X11     forwarding was requested. (CVE-2016-1908)

  - A covert timing channel flaw was found in the way     OpenSSH handled authentication of non-existent users. A     remote unauthenticated attacker could possibly use this     flaw to determine valid user names by measuring the     timing of server responses. (CVE-2016-6210)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssh packages installed that are affected by multiple vulnerabilities:

  - scp in OpenSSH 4.2p1 allows attackers to execute     arbitrary commands via filenames that contain shell     metacharacters or spaces, which are expanded twice.
    (CVE-2006-0225)

  - sshd in OpenSSH before 4.4, when using the version 1 SSH     protocol, allows remote attackers to cause a denial of     service (CPU consumption) via an SSH packet that     contains duplicate blocks, which is not properly handled     by the CRC compensation attack detector. (CVE-2006-4924)

  - Signal handler race condition in OpenSSH before 4.4     allows remote attackers to cause a denial of service     (crash), and possibly execute arbitrary code if GSSAPI     authentication is enabled, via unspecified vectors that     lead to a double-free. (CVE-2006-5051)

  - Unspecified vulnerability in the sshd Privilege     Separation Monitor in OpenSSH before 4.5 causes weaker     verification that authentication has been successful,     which might allow attackers to bypass authentication.
    NOTE: as of 20061108, it is believed that this issue is     only exploitable by leveraging vulnerabilities in the     unprivileged process, which are not known to exist.
    (CVE-2006-5794)

  - Unspecified vulnerability in the     linux_audit_record_event function in OpenSSH 4.3p2, as     used on Fedora Core 6 and possibly other systems, allows     remote attackers to write arbitrary characters to an     audit log via a crafted username. NOTE: some of these     details are obtained from third party information.
    (CVE-2007-3102)

  - The (1) remote_glob function in sftp-glob.c and the (2)     process_put function in sftp.c in OpenSSH 5.8 and     earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2,     OpenBSD 4.7, and other products, allow remote     authenticated users to cause a denial of service (CPU     and memory consumption) via crafted glob expressions     that do not match any pathnames, as demonstrated by glob     expressions in SSH_FXP_STAT requests to an sftp daemon,     a different vulnerability than CVE-2010-2632.
    (CVE-2010-4755)

  - The default configuration of OpenSSH through 6.1     enforces a fixed time limit between establishing a TCP     connection and completing a login, which makes it easier     for remote attackers to cause a denial of service     (connection-slot exhaustion) by periodically making many     new TCP connections. (CVE-2010-5107)

  - It was found that OpenSSH did not properly handle     certain AcceptEnv parameter values with wildcard     characters. A remote attacker could use this flaw to     bypass intended environment variable restrictions.
    (CVE-2014-2532)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

SunOS 5.10_x86: sshd patch.
Date this patch was last updated by Sun : Jun/21/07

SunOS 5.10: sshd patch.
Date this patch was last updated by Sun : Jun/20/07

The remote BIG-IP device is missing a patch required by a security advisory.

According to the version of one or more Juniper NSM servers running on the remote host, it is potentially vulnerable to multiple vulnerabilities, the worst of which may allow an authenticated user to trigger a denial of service condition or execute arbitrary code.

From Red Hat Security Advisory 2006:0697 :

Updated openssh packages that fix two security flaws are now available for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red Hat Security Response Team.

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package includes the core files necessary for both the OpenSSH client and server.

Mark Dowd discovered a signal handler race condition in the OpenSSH sshd server. A remote attacker could possibly leverage this flaw to cause a denial of service (crash). (CVE-2006-5051) The OpenSSH project believes the likelihood of successful exploitation leading to arbitrary code execution appears remote. However, the Red Hat Security Response Team have not yet been able to verify this claim due to lack of upstream vulnerability information. We are therefore including a fix for this flaw and have rated it important security severity in the event our continued investigation finds this issue to be exploitable.

Tavis Ormandy of the Google Security Team discovered a denial of service bug in the OpenSSH sshd server. A remote attacker can send a specially crafted SSH-1 request to the server causing sshd to consume a large quantity of CPU resources. (CVE-2006-4924)

All users of openssh should upgrade to these updated packages, which contain backported patches that resolves these issues.

The version of SunSSH running on the remote host has an information disclosure vulnerability.  A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration.  An attacker could exploit this to gain access to sensitive information.

Note that this version of SunSSH is also prone to several additional issues but Nessus did not test for them.

Several security problems were fixed in OpenSSH :

  - A denial of service problem has been fixed in OpenSSH     which could be used to cause lots of CPU consumption on     a remote openssh server. (CVE-2006-4924)

  - If a remote attacker is able to inject network traffic     this could be used to cause a client connection to     close. (CVE-2006-4925)

  - Fixed an unsafe signal hander reported by Mark Dowd. The     signal handler was vulnerable to a race condition that     could be exploited to perform a pre-authentication     denial of service. This vulnerability could     theoretically lead to pre-authentication remote code     execution if GSSAPI authentication is enabled, but the     likelihood of successful exploitation appears remote.
    (CVE-2006-5051)

  - Fixed a GSSAPI authentication abort that could be used     to determine the validity of usernames on some     platforms. (CVE-2006-5052)

Tavis Ormandy discovered that the SSH daemon did not properly handle authentication packets with duplicated blocks. By sending specially crafted packets, a remote attacker could exploit this to cause the ssh daemon to drain all available CPU resources until the login grace time expired. (CVE-2006-4924)

Mark Dowd discovered a race condition in the server's signal handling.
A remote attacker could exploit this to crash the server.
(CVE-2006-5051).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several security problems were fixed in OpenSSH :

  - CVE-2006-4924: A denial of service problem has been     fixed in OpenSSH which could be used to cause lots of     CPU consumption on a remote openssh server.

  - CVE-2006-4925: If a remote attacker is able to inject     network traffic this could be used to cause a client     connection to close.

  - CVE-2006-5051: Fixed an unsafe signal hander reported by     Mark Dowd. The signal handler was vulnerable to a race     condition that could be exploited to perform a     pre-authentication denial of service. This vulnerability     could theoretically lead to pre-authentication remote     code execution if GSSAPI authentication is enabled, but     the likelihood of successful exploitation appears     remote.

  - CVE-2006-5052: Fixed a GSSAPI authentication abort that     could be used to determine the validity of usernames on     some platforms.

The remote host is running a version of Mac OS X 10.4 that is older than version 10.4.9 or a version of Mac OS X 10.3 that does not have Security Update 2007-003 applied. This update contains several security fixes for the following programs :

 - ColorSync
 - CoreGraphics
 - Crash Reporter
 - CUPS
 - Disk Images
 - DS Plugins
 - Flash Player
 - GNU Tar
 - HFS
 - HID Family
 - ImageIO
 - Kernel
 - MySQL server
 - Networking
 - OpenSSH
 - Printing
 - QuickDraw Manager
 - servermgrd
 - SMB File Server
 - Software Update
 - sudo 
 - WebLog

The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.9 or a version of Mac OS X 10.3 which does not have Security Update 2007-003 applied.

This update contains several security fixes for the following programs :

 - ColorSync
 - CoreGraphics
 - Crash Reporter
 - CUPS
 - Disk Images
 - DS Plugins
 - Flash Player
 - GNU Tar
 - HFS
 - HID Family
 - ImageIO
 - Kernel
 - MySQL server
 - Networking
 - OpenSSH
 - Printing
 - QuickDraw Manager
 - servermgrd
 - SMB File Server
 - Software Update
 - sudo 
 - WebLog

Tavis Ormandy of the Google Security Team discovered a Denial of Service vulnerability in the SSH protocol version 1 CRC compensation attack detector. This could allow a remote unauthenticated attacker to trigger excessive CPU utilization by sending a specially crafted SSH message, which would then deny ssh services to other users or processes (CVE-2006-4924, CVE-2006-4925). Please note that Mandriva ships with only SSH protocol version 2 enabled by default.

Next, an unsafe signal handler was found by Mark Dowd. This signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication DoS, and theoretically a pre-authentication remote code execution in the case where some authentication methods like GSSAPI are enabled (CVE-2006-5051).

Updated packages have been patched to correct this issue.

Two denial of service problems have been found in the OpenSSH server.
The Common Vulnerabilities and Exposures project identifies the following vulnerabilities :

  - CVE-2006-4924     The sshd support for ssh protocol version 1 does not     properly handle duplicate incoming blocks. This could     allow a remote attacker to cause sshd to consume     significant CPU resources leading to a denial of     service.

  - CVE-2006-5051     A signal handler race condition could potentially allow     a remote attacker to crash sshd and could theoretically     lead to the ability to execute arbitrary code.

Several remote vulnerabilities have been discovered in OpenSSH, a free implementation of the Secure Shell protocol, which may lead to denial of service and potentially the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems :

  - CVE-2006-4924     Tavis Ormandy of the Google Security Team discovered a     denial of service vulnerability in the mitigation code     against complexity attacks, which might lead to     increased CPU consumption until a timeout is triggered.
    This is only exploitable if support for SSH protocol     version 1 is enabled.

  - CVE-2006-5051     Mark Dowd discovered that insecure signal handler usage     could potentially lead to execution of arbitrary code     through a double free. The Debian Security Team doesn't     believe the general openssh package without Kerberos     support to be exploitable by this issue. However, due to     the complexity of the underlying code we will issue an     update to rule out all eventualities.

Problem Description The CRC compensation attack detector in the sshd(8) daemon, upon receipt of duplicate blocks, uses CPU time cubic in the number of duplicate blocks received. [CVE-2006-4924]

A race condition exists in a signal handler used by the sshd(8) daemon to handle the LoginGraceTime option, which can potentially cause some cleanup routines to be executed multiple times. [CVE-2006-5051] Impact An attacker sending specially crafted packets to sshd(8) can cause a Denial of Service by using 100% of CPU time until a connection timeout occurs. Since this attack can be performed over multiple connections simultaneously, it is possible to cause up to MaxStartups (10 by default) sshd processes to use all the CPU time they can obtain.
[CVE-2006-4924]

The OpenSSH project believe that the race condition can lead to a Denial of Service or potentially remote code execution, but the FreeBSD Security Team has been unable to verify the exact impact.
[CVE-2006-5051] Workaround The attack against the CRC compensation attack detector can be avoided by disabling SSH Protocol version 1 support in sshd_config(5).

There is no workaround for the second issue.

Updated openssh packages that fix two security flaws are now available for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red Hat Security Response Team.

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package includes the core files necessary for both the OpenSSH client and server.

Mark Dowd discovered a signal handler race condition in the OpenSSH sshd server. A remote attacker could possibly leverage this flaw to cause a denial of service (crash). (CVE-2006-5051) The OpenSSH project believes the likelihood of successful exploitation leading to arbitrary code execution appears remote. However, the Red Hat Security Response Team have not yet been able to verify this claim due to lack of upstream vulnerability information. We are therefore including a fix for this flaw and have rated it important security severity in the event our continued investigation finds this issue to be exploitable.

Tavis Ormandy of the Google Security Team discovered a denial of service bug in the OpenSSH sshd server. A remote attacker can send a specially crafted SSH-1 request to the server causing sshd to consume a large quantity of CPU resources. (CVE-2006-4924)

All users of openssh should upgrade to these updated packages, which contain backported patches that resolves these issues.

Updated openssh packages that fix several security issues in sshd are now available for Red Hat Enterprise Linux 2.1.

This update has been rated as having important security impact by the Red Hat Security Response Team.

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package includes the core files necessary for both the OpenSSH client and server.

Mark Dowd discovered a signal handler race condition in the OpenSSH sshd server. A remote attacker could possibly leverage this flaw to cause a denial of service (crash). (CVE-2006-5051) The OpenSSH project believes the likelihood of successful exploitation leading to arbitrary code execution appears remote. However, the Red Hat Security Response Team have not yet been able to verify this claim due to lack of upstream vulnerability information. We are therefore including a fix for this flaw and have rated it important security severity in the event our continued investigation finds this issue to be exploitable.

Tavis Ormandy of the Google Security Team discovered a denial of service bug in the OpenSSH sshd server. A remote attacker can send a specially crafted SSH-1 request to the server causing sshd to consume a large quantity of CPU resources. (CVE-2006-4924)

An arbitrary command execution flaw was discovered in the way scp copies files locally. It is possible for a local attacker to create a file with a carefully crafted name that could execute arbitrary commands as the user running scp to copy files locally.
(CVE-2006-0225)

The SSH daemon, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass 'from=' and 'user@host' address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. (CVE-2003-0386)

All users of openssh should upgrade to these updated packages, which contain backported patches that resolve these issues.

New openssh packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues.

The remote host is running a version of OpenSSH that is vulnerable to a flaw in the way that it handles GSSAPI authentication.  If the SSH server is configured to utilize GSSAPI authentication then the host may be compromised by a remote attacker with access to the SSH port (typically 22).  Successful exploitation would result in remote code execution.

The version of OpenSSH running on the remote host is prior to version 4.4. Such versions are affected by multiple vulnerabilities:

 - A race condition exists that may allow an unauthenticated, remote attacker to crash the service or, on portable OpenSSH, possibly execute code on the affected host. Note that successful exploitation requires that GSSAPI authentication be enabled.
 - A flaw exists that may allow an attacker to determine the validity of usernames on some platforms. Note that this issue requires that GSSAPI authentication be enabled.
 - When SSH version 1 is used, an issue can be triggered via an SSH packet that contains duplicate blocks that could result in a loss of availability for the service.
 - On Fedora Core 6 (and possibly other systems), an unspecified vulnerability in the linux_audit_record_event() function allows remote attackers to inject incorrect information into audit logs.

According to its banner, the version of OpenSSH installed on the remote host is affected by multiple vulnerabilities :

  - A race condition exists that may allow an     unauthenticated, remote attacker to crash the service     or, on portable OpenSSH, possibly execute code on the     affected host.  Note that successful exploitation     requires that GSSAPI authentication be enabled.
    
  - A flaw exists that may allow an attacker to determine     the validity of usernames on some platforms. Note that     this issue requires that GSSAPI authentication be     enabled.

  - When SSH version 1 is used, an issue can be triggered     via an SSH packet that contains duplicate blocks that     could result in a loss of availability for the service.

  - On Fedora Core 6 (and possibly other systems), an     unspecified vulnerability in the     linux_audit_record_event() function allows remote     attackers to inject incorrect information into     audit logs.

The remote host is affected by the vulnerability described in GLSA-200609-17 (OpenSSH: Denial of Service)

    Tavis Ormandy of the Google Security Team discovered a Denial of     Service vulnerability in the SSH protocol version 1 CRC compensation     attack detector.
  Impact :

    A remote unauthenticated attacker may be able to trigger excessive CPU     usage by sending a pathological SSH message, denying service to other     legitimate users or processes.
  Workaround :

    The system administrator may disable SSH protocol version 1 in     /etc/ssh/sshd_config.

ID	Name	Product	Family	Severity
127415	NewStart CGSL MAIN 4.05 : openssh-latest Multiple Vulnerabilities (NS-SA-2019-0146)	Nessus	NewStart CGSL Local Security Checks	critical
127206	NewStart CGSL CORE 5.04 / MAIN 5.04 : openssh Multiple Vulnerabilities (NS-SA-2019-0036)	Nessus	NewStart CGSL Local Security Checks	high
107891	Solaris 10 (x86) : 123325-03	Nessus	Solaris Local Security Checks	high
107389	Solaris 10 (sparc) : 123324-03	Nessus	Solaris Local Security Checks	high
88441	F5 Networks BIG-IP : OpenSSH vulnerabilities (SOL6736)	Nessus	F5 Networks Local Security Checks	high
69872	Juniper NSM Servers < 2012.1 Multiple Vulnerabilities	Nessus	Misc.	high
67412	Oracle Linux 4 : openssh (ELSA-2006-0697)	Nessus	Oracle Linux Local Security Checks	high
55992	SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure	Nessus	Misc.	critical
29538	SuSE 10 Security Update : OpenSSH (ZYPP Patch Number 2184)	Nessus	SuSE Local Security Checks	high
27935	Ubuntu 5.04 / 5.10 / 6.06 LTS : openssh vulnerabilities (USN-355-1)	Nessus	Ubuntu Local Security Checks	high
27365	openSUSE 10 Security Update : openssh (openssh-2183)	Nessus	SuSE Local Security Checks	high
3947	Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)	Nessus Network Monitor	Web Clients	high
24811	Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)	Nessus	MacOS X Local Security Checks	critical
24565	Mandrake Linux Security Advisory : openssh (MDKSA-2006:179)	Nessus	Mandriva Local Security Checks	high
23661	Debian DSA-1212-1 : openssh - Denial of service	Nessus	Debian Local Security Checks	high
22731	Debian DSA-1189-1 : openssh-krb5 - several vulnerabilities	Nessus	Debian Local Security Checks	high
22488	FreeBSD : openssh -- multiple vulnerabilities (32db37a5-50c3-11db-acf3-000c6ec775d9)	Nessus	FreeBSD Local Security Checks	high
22485	CentOS 3 / 4 : openssh / openssl (CESA-2006:0697)	Nessus	CentOS Local Security Checks	high
22474	RHEL 2.1 : openssh (RHSA-2006:0698)	Nessus	Red Hat Local Security Checks	high
22473	RHEL 3 / 4 : openssh (RHSA-2006:0697)	Nessus	Red Hat Local Security Checks	high
22468	Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : openssh (SSA:2006-272-02)	Nessus	Slackware Local Security Checks	high
3754	OpenBSD Portable OpenSSH < 4.4.p1 GSSAPI Authentication Overflow	Nessus Network Monitor	SSH	high
3751	OpenSSH < 4.4 Multiple Vulnerabilities	Nessus Network Monitor	SSH	low
22466	OpenSSH < 4.4 Multiple Vulnerabilities	Nessus	Misc.	high
22464	GLSA-200609-17 : OpenSSH: Denial of Service	Nessus	Gentoo Local Security Checks	high

Detections

Analytics

CVE-2006-4924

high

Tenable Plugins

critical

high

high

high

high

high

high

critical

high

high

high

high

critical

high

high

high

high

high

high

high

high

high

low

high

high