Vigil@nce: Solaris, denial of service of sshd(1M)
December 2009 by Vigil@nce
A remote attacker can therefore generate a denial of service of
the sshd(1M) daemon.
– Severity: 2/4
– Consequences: denial of service of service
– Provenance: intranet client
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 02/12/2009
IMPACTED PRODUCTS
– OpenSolaris
– Sun Solaris
DESCRIPTION OF THE VULNERABILITY
The sshd(1M) daemon handles SSH connections of the clients.
However, a vulnerability exists in the timeout mechanism of
sshd(1M). Technical details are unknown.
A remote attacker can therefore generate a denial of service of
the sshd(1M) daemon.
CHARACTERISTICS
– Identifiers: 272629, 6868716, BID-37116, CVE-2009-4075,
VIGILANCE-VUL-9231
– Url: http://vigilance.fr/vulnerability/Solaris-denial-of-service-of-sshd-1M-9231