Re: [FreeBSD-Announce] FreeBSD Security Advisory

Board: FB_security, posted 2006/10/03 03:14
On 2006.10.01 00:07:02 +0300, Pekka Savola wrote:
> On Sat, 30 Sep 2006, FreeBSD Security Advisories wrote:
> >III. Impact
> >
> >An attacker sending specially crafted packets to sshd(8) can cause a
> >Denial of Service by using 100% of CPU time until a connection timeout
> >occurs. Since this attack can be performed over multiple connections
> >simultaneously, it is possible to cause up to MaxStartups (10 by default)
> >sshd processes to use all the CPU time they can obtain. [CVE-2006-4924]
> >
> >The OpenSSH project believe that the race condition can lead to a Denial
> >of Service or potentially remote code execution, but the FreeBSD Security
> >Team has been unable to verify the exact impact. [CVE-2006-5051]
> >
> >IV. Workaround
> >
> >The attack against the CRC compensation attack detector can be avoided
> >by disabling SSH Protocol version 1 support in sshd_config(5).
> >
> >There is no workaround for the second issue.
>
> Doesn't TCP wrappers restriction mitigate or work around this issue or
> is it done too late?

I'm not sure since I have never really used TCP wrappers, but I would
expect it to work. I generally use firewalls to restrict which IP
addresses are allowed to access services when possible.

-- 
Simon L. Nielsen
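The workaround quoted from the advisory (disabling SSH Protocol version 1 in sshd_config(5)) can be checked with a small script. This is an added example, not part of the message or the advisory; the function name `ssh1_status` is hypothetical, and the script assumes sshd uses the first value it reads for a keyword.

```shell
#!/bin/sh
# Added example: report whether an sshd_config file enables SSH protocol 1.
# Prints "enabled", "disabled" or "unset". "unset" means there is no active
# Protocol line, so the compiled-in default of that sshd build applies and
# has to be checked separately.
ssh1_status() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            # keyword and value are separated by whitespace or "="
            n = match(line, /[ \t=]/)
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))   # keywords ignore case
            if (key != "protocol") next
            val = substr(line, n)
            gsub(/[ \t="]/, "", val)
            # assumption: the first Protocol line is the effective one
            k = split(val, v, ",")
            res = "disabled"
            for (i = 1; i <= k; i++) if (v[i] == "1") res = "enabled"
            print res
            found = 1
            exit
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Stand-alone use: sh check.sh /etc/ssh/sshd_config
if [ "$#" -gt 0 ]; then
    ssh1_status "$1"
fi
```

A result of "disabled" covers only the CRC compensation attack detector issue (CVE-2006-4924); the advisory states there is no workaround for the second issue.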