SSH Secure Shell 2.4 Server Vulnerable to Denial of Service

Reported March 15, 2001, by USSR Labs.

VERSION AFFECTED

  • SSH Secure Shell Server for Windows 2.4

DESCRIPTION


A vulnerability exists in version 2.4 of SSH’s Secure Shell Server for Windows that makes it possible for an attacker to spawn 64 concurrent connections and cause the server to stop responding and serving requests, resulting in a Denial of Service (DoS) condition.


VENDOR RESPONSE

 

The vendor, SSH Communications Security, has been notified and will release version 2.5 to fix this vulnerability.

 

CREDIT

Discovered by Luciano Martins of USSR Labs.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish