This bug either wasn't fixed or there has been a recent regression.
Ubuntu lucid
openssh-server 1:5.3p1-3ubuntu1
/etc/default/ssh: SSHD_OOM_ADJUST=-17
As well as causing kernel panics, a malicious user can use this
technique to kill off trusted root daemons and (if they use a port >=
1024) launch spoofing processes.
Not only is this a DoS risk, it can also lead to takedown of critical
system components required for the SSH session to work (NetworkManager
etc.)
** Changed in: openssh (Ubuntu)
Status: Fix Released => Confirmed
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
