Lucene search
Ubuntu.comUB:CVE-2010-5107HistoryMar 07, 2013 - 12:00 a.m.
CVE-2010-5107
2013-03-0700:00:00
ubuntu.com
ubuntu.com
86
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.079
Percentile
94.3%
The default configuration of OpenSSH through 6.1 enforces a fixed time
limit between establishing a TCP connection and completing a login, which
makes it easier for remote attackers to cause a denial of service
(connection-slot exhaustion) by periodically making many new TCP
connections.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | this is a long-standing problem with any server that limits connections. This requires conffile changes. |
| mdeslaur | Upstream has changed the default MaxStartups to 10:30:100 to mitigate this issue. Sysadmins can change the equivalent config locally. we will not be fixing this issue in Ubuntu 12.04 LTS, in environments where this is a concern, we suggest settings the MaxStartups value to 10:30:100 in the sshd_config file |
Related
nessus
nessus
SuSE 11.2 Security Update : OpenSSH (SAT Patch Number 8078)
2013-08-16 00:00:00
RHEL 6 : openssh (RHSA-2013:1591)
2013-11-21 00:00:00
AIX OpenSSH Advisory : openssh_advisory2.asc
2014-04-16 00:00:00
openvas
openvas
Fedora Update for openssh FEDORA-2013-2206
2013-03-01 00:00:00
Oracle: Security Advisory (ELSA-2016-3521)
2016-02-25 00:00:00
RedHat Update for openssh RHSA-2013:1591-02
2013-11-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:36
redhat
redhat
(RHSA-2013:1591) Low: openssh security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
debiancve
debiancve
CVE-2010-5107
2013-03-07 20:55:01
cvelist
cvelist
CVE-2010-5107
2013-03-07 20:00:00
ibm
ibm
f5
f5
SOL14741 - OpenSSH vulnerability CVE-2010-5107
2013-10-10 00:00:00
K14741 : OpenSSH vulnerability CVE-2010-5107
2015-09-15 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: openssh-5.9p1-29.fc17
2013-02-26 02:47:11
[SECURITY] Fedora 18 Update: openssh-6.1p1-5.fc18
2013-02-13 04:33:12
checkpoint_advisories
checkpoint_advisories
oraclelinux
oraclelinux
openssh security, bug fix, and enhancement update
2013-11-26 00:00:00
openssh security update
2016-02-24 00:00:00
nvd
nvd
CVE-2010-5107
2013-03-07 20:55:01
centos
centos
openssh, pam_ssh_agent_auth security update
2013-11-26 13:32:28
seebug
seebug
OpenSSH้ป่ฎคๆๅกๅจ้
็ฝฎๆ็ปๆๅกๆผๆด(CVE-2010-5107)
2013-02-28 00:00:00
prion
prion
Default configuration
2013-03-07 20:55:00
cve
cve
CVE-2010-5107
2013-03-07 20:55:01
securityvulns
securityvulns
OpenSSH security vulnerabilities
2013-03-24 00:00:00
[ MDVSA-2013:022 ] openssh
2013-03-24 00:00:00
aix
aix
AIX OpenSSH Vulnerability
2013-04-08 15:19:58
gentoo
gentoo
OpenSSH: Multiple vulnerabilities
2014-05-11 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.079
Percentile
94.3%
Related for UB:CVE-2010-5107