| Field | Value |
|---|---|
| VID | 14044 |
| Severity | 20 |
| Port | 22 |
| Protocol | TCP |
| Class | SSH |
| Detailed Description | The Dropbear SSH server, according to its banner, has a denial of service vulnerability that exists in versions 0.47 and earlier. Dropbear SSH Server is a small Secure Shell server suitable for embedded environments. Dropbear SSH Server version 0.47 and earlier versions could allow a remote attacker to cause a denial of service via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30. By maintaining 30 simultaneous connections to the affected server, a remote attacker could cause the server to deny service to all legitimate users. |
| Note | This check relies solely on the banner of the remote SSH server to assess this vulnerability, so it may be a false positive. |
| References | http://www.securityfocus.com/archive/1/426999/30/0/threaded ; http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042849.html |
| Platforms Affected | Matt Johnston, Dropbear SSH Server version 0.47 and earlier versions; Linux, any version |
| Recommendation | Upgrade to the latest version of Dropbear SSH Server (0.48 or later), available from the Dropbear SSH Server Web page at http://matt.ucc.asn.au/dropbear/dropbear.html |
| Related URL | CVE-2006-1206 (CVE) |
| Related URL | 17024 (SecurityFocus) |
| Related URL | 25075 (ISS) |