Oval Definition:oval:org.mitre.oval:def:1193
Revision Date:2007-08-02Version:16
Title:Security Vulnerability in the sshd(1M) Protocol Version 1 Implementation May Allow a Denial of Service to the Host
Description:sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-4924
Platform(s):Sun Solaris 10
Sun Solaris 9
Product(s):
Definition Synopsis
  • Software section
  • Solaris 9 (SPARC)
  • Solaris 9 (SPARC) is installed
  • AND NOT Patch 113273-15 or later installed
  • OR Solaris 9 (x86)
  • Solaris 9 (x86) is installed
  • AND NOT Patch 114858-12 or later installed
  • OR Solaris 10 (SPARC)
  • Solaris 10 (SPARC) is installed
  • AND NOT Patch 123324-03 or later installed
  • OR Solaris 10 (x86)
  • Solaris 10 (x86) is installed
  • AND NOT Patch 123325-03 or later installed
  • AND Configuration section
  • sshd is configured to use version 1 of the protocol
  • OR NOT sshd is configured to use default versions (including version 1)
    • BACK