oss-sec mailing list archives



CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH

Hi, The OpenSSH has a memory exhaustion bug in key exchange process. An unauthenticated peer could repeat the KEXINIT and cause allocation of up to 384MB(not 128MB that the official said). In the default case, an attacker can build 100 such connections, which will consume 38400 MB of memory on the server. The patch is here: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup -- Regards, Shi Lei / Gear Team, Qihoo 360 Inc. GPG Key ID 37048936 / 5C4C 85C6 068C A5A0 23FA 0294 D9CE 9C25 3704 8936

By Date By Thread

Current thread: