Full Disclosure mailing list archives
Possible DOS issue in OpenSSH ssh client
From: Espen Grøndahl <espen () espen mine nu>
Date: Tue, 13 Jun 2006 21:29:46 +0200
The client did just hang I dont know for how long, but I sent a break after an hour :-) I didnt have the time to test this issue more. kaosone wrote:
This could be used in a denial of service attack or could be used to
stop
( or at least annoy ) ssh bruteforcers Jno, the bruteforcers don't use ssh, but other programs that can be not affected by this
It is good to see that someone knows all the bruteforcers :-) ( could you please ask them to stop ) I do not know if this issue affects Hydra, Guess-who and so on. I have only tested this issue with OpenSSH client and putty. Putty seems to be less affected ( cpu usage 25-40% ).
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Possible DOS issue in OpenSSH ssh client Espen Grøndahl (Jun 13)
- Re: Possible DOS issue in OpenSSH ssh client Paul Schmehl (Jun 13)
- Re: Possible DOS issue in OpenSSH ssh client kaosone (Jun 13)
- <Possible follow-ups>
- Possible DOS issue in OpenSSH ssh client Espen Grøndahl (Jun 13)