Detections
Analytics

FreeBSD : FreeBSD -- Denial of service attack against sshd(8) (73e9a137-6007-11e6-a6c3-14dae9d210b8)

medium Nessus Plugin ID 92911

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Although OpenSSH is not multithreaded, when OpenSSH is compiled with Kerberos support, the Heimdal libraries bring in the POSIX thread library as a dependency. Due to incorrect library ordering while linking sshd(8), symbols in the C library which are shadowed by the POSIX thread library may not be resolved correctly at run time.

Note that this problem is specific to the FreeBSD build system and does not affect other operating systems or the version of OpenSSH available from the FreeBSD ports tree. Impact : An incorrectly linked sshd(8) child process may deadlock while handling an incoming connection. The connection may then time out or be interrupted by the client, leaving the deadlocked sshd(8) child process behind.
Eventually, the sshd(8) parent process stops accepting new connections.

An attacker may take advantage of this by repeatedly connecting and then dropping the connection after having begun, but not completed, the authentication process.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?167a6491

Plugin Details

Severity: Medium

ID: 92911

File Name: freebsd_pkg_73e9a137600711e6a6c314dae9d210b8.nasl

Version: 2.4

Type: local

Published: 8/12/2016

Updated: 1/4/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freebsd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 8/11/2016

Vulnerability Publication Date: 11/4/2014

Reference Information

CVE: CVE-2014-8475

BID: 70913

FreeBSD: SA-14:24.sshd