Oval Definition:oval:org.opensuse.security:def:20084109
Revision Date:2015-11-16Version:1
Title:CVE-2008-4109
Description:
A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service (connection slot exhaustion) via multiple login attempts. NOTE: this issue exists because of an incorrect fix for CVE-2006-5051.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-4109
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM POWER
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for x86
Product(s):
Definition Synopsis
  • sles9-nld is installed
  • AND Package Information
  • openssh-askpass less than 4.1p1-11.44
  • OR openssh less than 4.1p1-11.44
  • BACK