Two denial of service problems have been found in the OpenSSH
server. The Common Vulnerabilities and Exposures project identifies the
following vulnerabilities:

CVE-2006-4924
The sshd support for ssh protocol version 1 does not properly
handle duplicate incoming blocks. This could allow a remote
attacker to cause sshd to consume significant CPU resources
leading to a denial of service.
CVE-2006-5051
A signal handler race condition could potentially allow a remote
attacker to crash sshd and could theoretically lead to the
ability to execute arbitrary code.

For the stable distribution (sarge), these problems have been fixed in
version 1:3.8.1p1-8.sarge.6.

For the unstable and testing distributions, these problems have been
fixed in version 1:4.3p2-4.

We recommend that you upgrade your openssh package.

CPENameOperatorVersion
openssheq1:3.8.1p1-8.sarge.4

CPE	Name	Operator	Version
	openssh	eq	1:3.8.1p1-8.sarge.4

References

www.debian.org/security/2006/dsa-1212

openvas 22

checkpoint_security 2

osv 2

oraclelinux 1

centos 2

redhat 2

nessus 32

ubuntu 1

freebsd_advisory 2

debian 4

f5 6

freebsd 1

fedora 1

slackware 1

suse 1

checkpoint_advisories 1

cvelist 4

debiancve 4

gentoo 2

nvd 4

ubuntucve 4

cve 4

cert 2

redhatcve 2

securityvulns 2

prion 1

vulnrichment 1

alpinelinux 1

qualysblog 1

thn 1

pentestpartners 1

packetstorm 1

zdt 1

openvas

Debian Security Advisory DSA 1189-1 (openssh-krb5)

2008-01-17 00:00:00

FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)

2008-09-04 00:00:00

Debian: Security Advisory (DSA-1212)

2008-01-17 00:00:00

checkpoint_security

Check Point response to OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924

2011-05-03 21:00:00

OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924

2006-11-19 22:00:00

osv

openssh-krb5

2006-10-04 00:00:00

openssh - denial of service

2008-09-16 00:00:00

oraclelinux

Important openssh security update

2006-11-30 00:00:00

centos

openssh, openssl, openssl096b security update

2006-09-29 03:31:38

openssh security update

2006-10-02 01:42:56

redhat

(RHSA-2006:0697) openssh security update

2006-09-28 00:00:00

(RHSA-2006:0698) openssh security update

2006-09-28 00:00:00

nessus

F5 Networks BIG-IP : OpenSSH vulnerabilities (SOL6736)

2016-01-28 00:00:00

Debian DSA-1212-1 : openssh - Denial of service

2006-11-20 00:00:00

FreeBSD : openssh -- multiple vulnerabilities (32db37a5-50c3-11db-acf3-000c6ec775d9)

2006-10-02 00:00:00

ubuntu

openssh vulnerabilities

2006-10-02 00:00:00

freebsd_advisory

FreeBSD-SA-06:22.openssh

2006-09-30 00:00:00

FreeBSD-SA-24:04.openssh

2024-07-01 00:00:00

debian

[SECURITY] [DSA 1212-1] New openssh packages fix denial of service

2006-11-15 17:26:52

[SECURITY] [DSA 1189-1] New openssh-krb5 packages fix denial of service and potential execution of arbitrary code

2006-10-04 19:32:23

[SECURITY] [DSA 1212-1] New openssh packages fix denial of service

2006-11-15 17:26:52

SOL6736 - OpenSSH vulnerabilities CAN-2006-5051, CAN-2006-4924

2006-10-10 00:00:00

K6736 : OpenSSH vulnerabilities CAN-2006-5051, CAN-2006-4924

2013-03-27 00:00:00

K6881 : SSHv1 vulnerabilities CVE-2006-4924

2013-03-19 00:00:00

freebsd

openssh -- multiple vulnerabilities

2006-09-25 00:00:00

fedora

[SECURITY] Fedora Core 5 Update: openssh-4.3p2-4.12.fc5

2007-04-03 21:39:33

slackware

[slackware-security] openssh

2006-09-29 07:57:38

suse

remote denial of service in openssh

2006-10-20 14:30:36

checkpoint_advisories

OpenSSH sshd Identical Blocks Denial of Service (CVE-2006-4924)

2009-10-21 00:00:00

cvelist

CVE-2006-4924

2006-09-27 01:00:00

CVE-2006-5051

2006-09-27 23:00:00

CVE-2008-4109

2008-09-17 18:06:00

debiancve

CVE-2006-4924

2006-09-27 01:07:00

CVE-2006-5051

2006-09-27 23:07:00

CVE-2008-4109

2008-09-18 15:04:27

gentoo

OpenSSH: Denial of service

2006-09-27 00:00:00

OpenSSH: Multiple Denial of Service vulnerabilities

2006-11-13 00:00:00

nvd

CVE-2006-4924

2006-09-27 01:07:00

CVE-2006-5051

2006-09-27 23:07:00

CVE-2008-4109

2008-09-18 15:04:27

ubuntucve

CVE-2006-4924

2006-09-27 00:00:00

CVE-2006-5051

2006-09-27 00:00:00

CVE-2008-4109

2008-09-18 00:00:00

cve

CVE-2006-4924

2006-09-27 01:07:00

CVE-2006-5051

2006-09-27 23:07:00

CVE-2024-6387

2024-07-01 13:15:06

cert

OpenSSH contains a race condition vulnerability

2006-10-04 00:00:00

OpenSSH fails to properly handle multiple identical blocks in a SSH packet

2006-10-04 00:00:00

redhatcve

CVE-2008-4109

2015-10-30 10:23:32

CVE-2024-6387

2024-07-01 10:24:35

securityvulns

Multiple OpenSSH security vulnerabilities

2008-10-03 00:00:00

[SECURITY] [DSA 1638-1] New openssh packages fix denial of service

2008-09-20 00:00:00

prion

Code injection

2008-09-18 15:04:00

vulnrichment

CVE-2024-6387 Openssh: possible remote code execution due to a race condition in signal handling

2024-07-01 12:37:25

alpinelinux

CVE-2024-6387

2024-07-01 13:15:06

qualysblog

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

2024-07-01 08:23:20

thn

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

2024-07-01 10:50:00

pentestpartners

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

2024-07-02 05:31:12

packetstorm

OpenSSH Server regreSSHion Remote Code Execution

2024-07-01 00:00:00

zdt

OpenSSH Server regreSSHion Remote Code Execution Vulnerability

2024-07-02 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.946 High

EPSS

Percentile

99.3%

JSON

Related for OSV:DSA-1212