The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2013-03-07 12:55
Updated : 2017-09-18 18:31
NVD link : CVE-2010-5107
Mitre link : CVE-2010-5107
JSON object : View
CWE
Products Affected
openbsd
- openssh