Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1206

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1206
Last Modified 05 Sep 2008 05:01:17
Published 13 Mar 2006 08:06:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1206

Summary

Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30.

Vulnerable Systems

Application

  • Matt Johnston Dropbear Ssh Server 0.28

  • Matt Johnston Dropbear Ssh Server 0.29

  • Matt Johnston Dropbear Ssh Server 0.30

  • Matt Johnston Dropbear Ssh Server 0.31

  • Matt Johnston Dropbear Ssh Server 0.32

  • Matt Johnston Dropbear Ssh Server 0.33

  • Matt Johnston Dropbear Ssh Server 0.34

  • Matt Johnston Dropbear Ssh Server 0.35

  • Matt Johnston Dropbear Ssh Server 0.36

  • Matt Johnston Dropbear Ssh Server 0.37

  • Matt Johnston Dropbear Ssh Server 0.38

  • Matt Johnston Dropbear Ssh Server 0.39

  • Matt Johnston Dropbear Ssh Server 0.40

  • Matt Johnston Dropbear Ssh Server 0.41

  • Matt Johnston Dropbear Ssh Server 0.42

  • Matt Johnston Dropbear Ssh Server 0.43

  • Matt Johnston Dropbear Ssh Server 0.44

  • Matt Johnston Dropbear Ssh Server 0.45

  • Matt Johnston Dropbear Ssh Server 0.46

  • Matt Johnston Dropbear Ssh Server 0.47


References

BID - 17024

XF - dropbear-connection-dos(25075)

BUGTRAQ - 20060307 Dropbear SSH server Denial of Service

SECTRACK - 1015742


Last Updated: 27 May 2016 10:41:58