Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD OpenSSH DoS
Published:10.11.2014
Source:
SecurityVulns ID:14078
Type:remote
Threat Level:
5/10
Description:Race condition because of invalid thread-safe library linking.
Affected:FREEBSD : FreeBSD 9.2
 FREEBSD : FreeBSD 10.0
CVE:CVE-2014-8475 (FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attackers to cause a denial of service (sshd deadlock and prevention of new connections) by ending multiple connections before authentication is completed.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-14:24.sshd [REVISED] (10.11.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod