Debian DSA-1638-1 : openssh - denial of service

High Nessus Plugin ID 34223

Synopsis

The remote Debian host is missing a security-related update.

Description

It has been discovered that the signal handler implementing the login timeout in Debian's version of the OpenSSH server uses functions which are not async-signal-safe, leading to a denial of service vulnerability (CVE-2008-4109).

The problem was originally corrected in OpenSSH 4.4p1 (CVE-2006-5051), but the patch backported to the version released with etch was incorrect.

Systems affected by this issue suffer from lots of zombie sshd processes. Processes stuck with a '[net]' process title have also been observed. Over time, a sufficient number of processes may accumulate such that further login attempts are impossible. Presence of these processes does not indicate active exploitation of this vulnerability. It is possible to trigger this denial of service condition by accident.

Solution

Upgrade the openssh packages.

For the stable distribution (etch), this problem has been fixed in version 4.3p2-9etch3.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498678

https://security-tracker.debian.org/tracker/CVE-2008-4109

https://security-tracker.debian.org/tracker/CVE-2006-5051

https://www.debian.org/security/2008/dsa-1638

Plugin Details

Severity: High

ID: 34223

File Name: debian_DSA-1638.nasl

Version: 1.17

Type: local

Agent: unix

Published: 2008/09/17

Updated: 2019/08/02

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:openssh, cpe:/o:debian:debian_linux:4.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/09/16

Reference Information

CVE: CVE-2006-5051, CVE-2008-4109

BID: 20241

DSA: 1638

CWE: 264, 362