lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <000001c68ee8$a13a0990$6401a8c0@espen.mine.nu>
Date: Tue Jun 13 16:33:49 2006
From: espen at espen.mine.nu (Espen Grøndahl)
Subject: Possible DOS issue in OpenSSH ssh client

During some testing I found a possible bug/issue with OpenSSH ssh client.

 

 

MachineA # cat < /dev/zero | nc ?l ?p 3000

 

MachineB# ssh someone@...hineA ?p 3000

 

I have tested on OpenBSD 3.9, CentOS 4.3, Debian 3.1 and Solaris 9.

 

 

This consumes 50-100% of available CPU time on MachineB ( depending on the
bandwith between them ).

 

This could be used in a denial of service attack ? or could be used to stop
( or at least annoy ) ssh bruteforcers :-)

 

But of course it would also consume my upstream bandwith

.

 

 

Espen

 

http://espen.mine.nu <http://espen.mine.nu/> 

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060613/4fb44be2/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ