CVE-2006-4924

Publication date 27 September 2006

Last updated 24 July 2024


Ubuntu priority

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

Status

Package Ubuntu Release Status
openssh 7.04 feisty
Fixed 4.3p2-5ubuntu1
6.10 edgy
Fixed 4.3p2-5ubuntu1
6.06 LTS dapper
Fixed 4.2p1-7ubuntu3.1

References

Related Ubuntu Security Notices (USN)

    • USN-355-1
    • openssh vulnerabilities
    • 2 October 2006

Other references