On 10/2/06 12:12 PM, Simon L. Nielsen wrote:
On 2006.10.01 15:10:50 -0700, Mark Peek wrote:
Topic: Multiple vulnerabilities in OpenSSH
BTW, the patches for this advisory appear to also need a patch to add log.c
into src/secure/usr.sbin/sshd/Makefile.
Eh, why? log.c is built by libss
On 2006.10.01 15:10:50 -0700, Mark Peek wrote:
> >Topic: Multiple vulnerabilities in OpenSSH
>
> BTW, the patches for this advisory appear to also need a patch to add log.c
> into src/secure/usr.sbin/sshd/Makefile.
Eh, why? log.c is built by libssh.
--
Simon L. Nielsen
___
On 2006.10.01 00:07:02 +0300, Pekka Savola wrote:
> On Sat, 30 Sep 2006, FreeBSD Security Advisories wrote:
> >III. Impact
> >
> >An attacker sending specially crafted packets to sshd(8) can cause a
> >Denial of Service by using 100% of CPU time until a connection timeout
> >occurs. Since this att
On 9/30/06 1:24 PM, FreeBSD Security Advisories wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-06:22.opensshSecurity Advisory
On Sat, 30 Sep 2006, FreeBSD Security Advisories wrote:
III. Impact
An attacker sending specially crafted packets to sshd(8) can cause a
Denial of Service by using 100% of CPU time until a connection timeout
occurs. Since this attack can be performed over multiple connections
simultaneously, it
