OpenSSH With OpenPAM DoS
Medium Nessus Plugin ID 44073
Synopsis: The SSH server running on the remote host has a denial of service vulnerability.
Description: According to its banner, the version of OpenSSH running on the remote host is affected by a remote denial of service vulnerability. When used with OpenPAM, OpenSSH does not properly handle the case where a forked child process ends during PAM authentication. This could allow a remote attacker to cause a denial of service by connecting several times to the SSH server, waiting for the password prompt and then disconnecting.
Solution: Upgrade to OpenSSH 3.8.1p1 or later.