lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue Jun 13 17:23:37 2006 From: pauls at utdallas.edu (Paul Schmehl) Subject: Possible DOS issue in OpenSSH ssh client Espen Gr?ndahl wrote: > During some testing I found a possible bug/issue with OpenSSH ssh client. > > MachineA # cat < /dev/zero | nc ?l ?p 3000 > > MachineB# ssh someone@...hineA ?p 3000 > > I have tested on OpenBSD 3.9, CentOS 4.3, Debian 3.1 and Solaris 9. > > This consumes 50-100% of available CPU time on MachineB ( depending on the > bandwith between them ). > What did the ssh client do? Did it eventually time out (as you would expect)? Or did it hang and never disconnect? -- Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5007 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060613/11c911fe/smime.bin
Powered by blists - more mailing lists