Signature Detail
Short Name |
SSH:OPENSSH:BLOCK-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
SSH |
Keywords |
OpenSSH sshd Identical Blocks Denial of Service |
Release Date |
2010/09/27 |
Update Number |
1779 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SSH: OpenSSH sshd Identical Blocks Denial of Service
This signature detects attempts to exploit a known vulnerability against OpenSSH. A successful attack can result in a denial-of-service condition.
Extended Description
OpenSSH is prone to a remote denial-of-service vulnerability because it fails to properly handle incoming duplicate blocks. Remote attackers may exploit this issue to consume excessive CPU resources, potentially denying service to legitimate users. This issue occurs only when OpenSSH is configured to accept SSH Version One traffic.
Affected Products
- Apple Mac OS X 10.3.9
- Apple Mac OS X 10.4.0
- Apple Mac OS X 10.4.1
- Apple Mac OS X 10.4.2
- Apple Mac OS X 10.4.3
- Apple Mac OS X 10.4.4
- Apple Mac OS X 10.4.5
- Apple Mac OS X 10.4.6
- Apple Mac OS X 10.4.7
- Apple Mac OS X 10.4.8
- Apple Mac OS X Server 10.3.9
- Apple Mac OS X Server 10.4.0
- Apple Mac OS X Server 10.4.1
- Apple Mac OS X Server 10.4.2
- Apple Mac OS X Server 10.4.3
- Apple Mac OS X Server 10.4.4
- Apple Mac OS X Server 10.4.5
- Apple Mac OS X Server 10.4.6
- Apple Mac OS X Server 10.4.7
- Apple Mac OS X Server 10.4.8
- Avaya CVLAN
- Avaya Integrated Management 2.1.0
- Avaya Integrated Management
- Avaya Intuity LX
- Avaya Message Networking
- Avaya Messaging Storage Server 1.0
- Avaya Messaging Storage Server 2.0
- Avaya Messaging Storage Server MM3.0
- Avaya Messaging Storage Server
- Avaya Predictive Dialer
- Avaya Predictive Dialing System (PDS) 11.0.0
- Avaya Predictive Dialing System (PDS) 11.11
- Blue Coat Systems ProxySG 4.2
- Blue Coat Systems ProxySG 4.2.1.6
- Blue Coat Systems ProxySG 4.2.6.1
- Blue Coat Systems ProxySG 4.2.8.7
- Blue Coat Systems ProxySG 4.3
- Blue Coat Systems ProxySG 5.2
- Blue Coat Systems ProxySG 5.2.2.5
- Blue Coat Systems ProxySG 5.2.4.3
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- FreeBSD 1.1.5 .1
- FreeBSD 2.0.0
- FreeBSD 2.0.5
- FreeBSD 2.1.0
- FreeBSD 2.1.0 X
- FreeBSD 2.1.5
- FreeBSD 2.1.6
- FreeBSD 2.1.6 .1
- FreeBSD 2.1.7 .1
- FreeBSD 2.2.0
- FreeBSD 2.2.0 X
- FreeBSD 2.2.2
- FreeBSD 2.2.3
- FreeBSD 2.2.4
- FreeBSD 2.2.5
- FreeBSD 2.2.6
- FreeBSD 2.2.8
- FreeBSD 2.X
- FreeBSD 3.0.0
- FreeBSD 3.0.0 -RELENG
- FreeBSD 3.1.0
- FreeBSD 3.1.0 X
- FreeBSD 3.2.0
- FreeBSD 3.2.0 X
- FreeBSD 3.3.0
- FreeBSD 3.3.0 X
- FreeBSD 3.4.0
- FreeBSD 3.4.0 X
- FreeBSD 3.5.0
- FreeBSD 3.5.0 -STABLE
- FreeBSD 3.5.0 -Stablepre050201
- FreeBSD 3.5.0 -Stablepre122300
- FreeBSD 3.5.0 X
- FreeBSD 3.5.1
- FreeBSD 3.5.1 -RELEASE
- FreeBSD 3.5.1 -STABLE
- FreeBSD 3.5.1 -Stablepre2001-07-20
- FreeBSD 3.X
- FreeBSD 4.0.0
- FreeBSD 4.0.0 Alpha
- FreeBSD 4.0.0 -RELENG
- FreeBSD 4.0.0 .X
- FreeBSD 4.1.0
- FreeBSD 4.10.0
- FreeBSD 4.10.0 -RELEASE
- FreeBSD 4.10.0 -RELEASE-P8
- FreeBSD 4.10.0 -RELENG
- FreeBSD 4.10-PRERELEASE
- FreeBSD 4.1.1
- FreeBSD 4.11.0 -RELEASE
- FreeBSD 4.11.0 -RELEASE-P20
- FreeBSD 4.11.0 -RELEASE-P3
- FreeBSD 4.11.0 -RELENG
- FreeBSD 4.11.0 -STABLE
- FreeBSD 4.1.1 -RELEASE
- FreeBSD 4.1.1 -STABLE
- FreeBSD 4.2.0
- FreeBSD 4.2.0 -RELEASE
- FreeBSD 4.2.0 -STABLE
- FreeBSD 4.2.0 -Stablepre050201
- FreeBSD 4.2.0 -Stablepre122300
- FreeBSD 4.3.0
- FreeBSD 4.3.0 -RELEASE
- FreeBSD 4.3.0 -RELEASE-P38
- FreeBSD 4.3.0 -RELENG
- FreeBSD 4.3.0 -STABLE
- FreeBSD 4.4.0
- FreeBSD 4.4.0 -RELEASE-P42
- FreeBSD 4.4.0 -RELENG
- FreeBSD 4.4.0 -STABLE
- FreeBSD 4.5.0
- FreeBSD 4.5.0 -RELEASE
- FreeBSD 4.5.0 -RELEASE-P32
- FreeBSD 4.5.0 -RELENG
- FreeBSD 4.5.0 -STABLE
- FreeBSD 4.5.0 -Stablepre2002-03-07
- FreeBSD 4.6.0
- FreeBSD 4.6.0 -RELEASE
- FreeBSD 4.6.0 -RELEASE-P20
- FreeBSD 4.6.0 -RELENG
- FreeBSD 4.6.0 -STABLE
- FreeBSD 4.6.2
- FreeBSD 4.7.0
- FreeBSD 4.7.0 -RELEASE
- FreeBSD 4.7.0 -RELEASE-P17
- FreeBSD 4.7.0 -RELENG
- FreeBSD 4.7.0 -STABLE
- FreeBSD 4.8.0
- FreeBSD 4.8.0 -PRERELEASE
- FreeBSD 4.8.0 -RELEASE-P7
- FreeBSD 4.8.0 -RELENG
- FreeBSD 4.9.0
- FreeBSD 4.9.0 -PRERELEASE
- FreeBSD 4.9.0 -RELENG
- FreeBSD 5.0.0
- FreeBSD 5.0.0 Alpha
- FreeBSD 5.0.0 -RELEASE-P14
- FreeBSD 5.0.0 -RELENG
- FreeBSD 5.1.0
- FreeBSD 5.1.0 -RELEASE
- FreeBSD 5.1.0 -RELEASE/Alpha
- FreeBSD 5.1.0 -RELEASE-P5
- FreeBSD 5.1.0 -RELENG
- FreeBSD 5.2.0
- FreeBSD 5.2.0 -RELEASE
- FreeBSD 5.2.0 -RELENG
- FreeBSD 5.2.1 -RELEASE
- FreeBSD 5.3.0
- FreeBSD 5.3.0 -RELEASE
- FreeBSD 5.3.0 -RELENG
- FreeBSD 5.3.0 -STABLE
- FreeBSD 5.4.0 -PRERELEASE
- FreeBSD 5.4.0 -RELEASE
- FreeBSD 5.4.0 -RELENG
- FreeBSD 5.4-STABLE
- FreeBSD 5.5.0 -RELEASE
- FreeBSD 5.5.0 -STABLE
- FreeBSD 6.0.0 -RELEASE
- FreeBSD 6.0.0 -STABLE
- FreeBSD 6.1 -RELEASE
- FreeBSD 6.1 -STABLE
- Gentoo Linux
- Gentoo net-misc/openssh 4.2
- Gentoo net-misc/openssh 4.3
- Globus Globus Toolkit 4.0.1
- Globus Globus Toolkit 4.0.2
- Globus Globus Toolkit 4.0.3
- Globus Globus Toolkit 4.1.0
- Globus Globus Toolkit 4.1.1
- Globus GSI-OpenSSH 3.7
- Globus GSI-OpenSSH 3.8
- HP HP-UX B.11.11
- HP HP-UX B.11.23
- IBM AIX 5.2
- IBM AIX 5.2.0 L
- IBM AIX 5.2.2
- IBM AIX 5.3
- IBM AIX 5.3.0 L
- IBM Hardware Management Console (HMC) 3.3.7
- IBM Hardware Management Console (HMC) 5.2.1
- IBM Hardware Management Console (HMC) for iSeries 3.0.0 R3.6
- IBM Hardware Management Console (HMC) for iSeries 3.3.2
- IBM Hardware Management Console (HMC) for iSeries 3.3.7
- IBM Hardware Management Console (HMC) for iSeries 4.0.0
- IBM Hardware Management Console (HMC) for iSeries 4.0.0 R2.0
- IBM Hardware Management Console (HMC) for iSeries 4.0.0 R2.1
- IBM Hardware Management Console (HMC) for iSeries 4.0.0 R3.1
- IBM Hardware Management Console (HMC) for iSeries 4.0.0 R3.2
- IBM Hardware Management Console (HMC) for iSeries 4.0.0 R3.3
- IBM Hardware Management Console (HMC) for iSeries 4.0.0 R4.0
- IBM Hardware Management Console (HMC) for iSeries 4.0.0 R5.0
- IBM Hardware Management Console (HMC) for iSeries 5.0.0 R1.0
- IBM Hardware Management Console (HMC) for pSeries 3
- IBM Hardware Management Console (HMC) for pSeries 3.0.0 R3.6
- IBM Hardware Management Console (HMC) for pSeries 3.3.2
- IBM Hardware Management Console (HMC) for pSeries 3.3.7
- IBM Hardware Management Console (HMC) for pSeries 4
- IBM Hardware Management Console (HMC) for pSeries 4.0.0 R2.0
- IBM Hardware Management Console (HMC) for pSeries 4.0.0 R2.1
- IBM Hardware Management Console (HMC) for pSeries 4.0.0 R3.1
- IBM Hardware Management Console (HMC) for pSeries 4.0.0 R3.2
- IBM Hardware Management Console (HMC) for pSeries 4.0.0 R3.3
- IBM Hardware Management Console (HMC) for pSeries 4.0.0 R4.0
- IBM Hardware Management Console (HMC) for pSeries 4.0.0 R5.0
- IBM Hardware Management Console (HMC) for pSeries 5.0.0 R1.0
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Corporate Server 4.0
- Mandriva Corporate Server 4.0.0 X86 64
- Mandriva Linux Mandrake 2006.0.0
- Mandriva Linux Mandrake 2006.0.0 X86 64
- Mandriva Linux Mandrake 2007.0
- Mandriva Linux Mandrake 2007.0 X86 64
- Mandriva Multi Network Firewall 2.0.0
- OpenBSD 3.8
- OpenBSD 3.9
- OpenBSD OpenSSH 1.0.0 .X
- OpenBSD OpenSSH 1.2.0
- OpenBSD OpenSSH 1.2.3
- OpenBSD OpenSSH 2.1.0
- OpenBSD OpenSSH 2.1.0 .x
- OpenBSD OpenSSH 2.1.1
- OpenBSD OpenSSH 2.1.1 p1
- OpenBSD OpenSSH 2.2.0 .0
- OpenBSD OpenSSH 2.2.0 .x
- OpenBSD OpenSSH 2.3.1
- OpenBSD OpenSSH 2.3.1 p1
- OpenBSD OpenSSH 2.5.2
- OpenBSD OpenSSH 2.5.2 p2
- OpenBSD OpenSSH 2.9.0
- OpenBSD OpenSSH 2.9.0 p1
- OpenBSD OpenSSH 2.9.0 p2
- OpenBSD OpenSSH 3.0.0
- OpenBSD OpenSSH 3.0.0 p1
- OpenBSD OpenSSH 3.0.1
- OpenBSD OpenSSH 3.0.1 p1
- OpenBSD OpenSSH 3.0.2
- OpenBSD OpenSSH 3.0.2 p1
- OpenBSD OpenSSH 3.8.1 p1
- OpenBSD OpenSSH 3.9 p1
- OpenBSD OpenSSH 4.0
- OpenBSD OpenSSH 4.1
- OpenBSD OpenSSH 4.2
- OpenBSD OpenSSH 4.2p1
- OpenBSD OpenSSH 4.3
- OpenBSD OpenSSH 4.3p1
- OpenPKG 2.0.0
- OpenPKG 2.1.0
- OpenPKG 2.2.0
- OpenPKG 2.3.0
- OpenPKG 2.4.0
- OpenPKG 2.5.0
- OpenPKG Current
- OpenSSH 4.3P1
- OpenSSH 4.3P2
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Desktop 3.0.0
- Red Hat Desktop 4.0.0
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 2.1 IA64
- Red Hat Enterprise Linux WS 3
- Red Hat Enterprise Linux WS 4
- rPath rPath Linux 1
- SCO Unixware 7.1.3
- SCO Unixware 7.1.4
- SGI ProPack 3.0.0 SP6
- Slackware Linux 10.0.0
- Slackware Linux 10.1.0
- Slackware Linux 10.2.0
- Slackware Linux 8.1.0
- Slackware Linux 9.0.0
- Slackware Linux 9.1.0
- Slackware Linux -Current
- Sun Solaris 10 X86
- Sun Solaris 9 Sparc
- Sun Solaris 9 X86
- SuSE Linux Connectivity Server
- SuSE Linux Database Server
- SuSE Linux Desktop 10
- SuSE Linux Desktop 1.0.0
- SuSE Linux Enterprise Server for S/390 9.0.0
- SuSE Linux Enterprise Server for S/390
- SuSE Linux Office Server
- SuSE Linux Openexchange Server
- SuSE Linux Personal 10.0.0 OSS
- SuSE Linux Personal 10.1
- SuSE Linux Personal 9.1.0
- SuSE Linux Personal 9.1.0 X86 64
- SuSE Linux Personal 9.2.0
- SuSE Linux Personal 9.2.0 X86 64
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE Linux Professional 10.0.0
- SuSE Linux Professional 10.0.0 OSS
- SuSE Linux Professional 10.1
- SuSE Linux Professional 9.1.0
- SuSE Linux Professional 9.1.0 X86 64
- SuSE Linux Professional 9.2.0
- SuSE Linux Professional 9.2.0 X86 64
- SuSE Linux Professional 9.3.0
- SuSE Linux Professional 9.3.0 X86 64
- SuSE Novell Linux Desktop 1.0.0
- SuSE Novell Linux Desktop 9.0.0
- SuSE Novell Linux POS 9
- SuSE Office Server
- SuSE Open-Enterprise-Server 1
- SuSE Open-Enterprise-Server 9.0.0
- SuSE Open-Enterprise-Server
- SuSE SUSE Linux Enterprise Desktop 10
- SuSE SUSE Linux Enterprise SDK 10
- SuSE SUSE Linux Enterprise Server 10
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 9
- SuSE SUSE Linux Enterprise Server SDK 9
- SuSE SuSE Linux Openexchange Server 4.0.0
- SuSE SuSE Linux Open-Xchange 4.1.0
- SuSE SUSE LINUX Retail Solution 8.0.0
- SuSE SuSE Linux School Server for i386
- SuSE SuSE Linux Standard Server 8.0.0
- SuSE UnitedLinux 1.0.0
- Turbolinux Appliance Server 1.0.0 Hosting Edition
- Turbolinux Appliance Server 1.0.0 Workgroup Edition
- Turbolinux Appliance Server 2.0
- Turbolinux Appliance Server Hosting Edition 1.0.0
- Turbolinux Appliance Server Workgroup Edition 1.0.0
- Turbolinux Home
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 10 F...
- Turbolinux FUJI
- Turbolinux Turbolinux Desktop 10.0.0
- Turbolinux Turbolinux Server 10.0.0
- Turbolinux Turbolinux Server 10.0.0 X86
- Turbolinux Turbolinux Server 7.0.0
- Turbolinux Turbolinux Server 8.0.0
- Ubuntu Ubuntu Linux 5.0.0 4 Amd64
- Ubuntu Ubuntu Linux 5.0.0 4 I386
- Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
- Ubuntu Ubuntu Linux 5.10.0 Amd64
- Ubuntu Ubuntu Linux 5.10.0 I386
- Ubuntu Ubuntu Linux 5.10.0 Powerpc
- Ubuntu Ubuntu Linux 5.10.0 Sparc
- Ubuntu Ubuntu Linux 6.06 LTS Amd64
- Ubuntu Ubuntu Linux 6.06 LTS I386
- Ubuntu Ubuntu Linux 6.06 LTS Powerpc
- Ubuntu Ubuntu Linux 6.06 LTS Sparc
References
- BugTraq: 20216
- CVE: CVE-2006-4924