svn commit: r425152 - head/security/vuxml
Mark Felder
feld at FreeBSD.org
Wed Nov 2 13:26:35 UTC 2016
Author: feld
Date: Wed Nov 2 13:26:33 2016
New Revision: 425152
URL: https://svnweb.freebsd.org/changeset/ports/425152
Log:
Update openssh vuxml entry to add FreeBSD SA information
Security: CVE-2016-8858
Security: SA-16:33.openssh
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Nov 2 13:19:27 2016 (r425151)
+++ head/security/vuxml/vuln.xml Wed Nov 2 13:26:33 2016 (r425152)
@@ -436,32 +436,40 @@ fuzzing and other initiatives.</li>
</vuln>
<vuln vid="6a2cfcdc-9dea-11e6-a298-14dae9d210b8">
- <topic>openssh -- denial of service</topic>
+ <topic>FreeBSD -- OpenSSH Remote Denial of Service vulnerability</topic>
<affects>
<package>
<name>openssh-portable</name>
<range><lt>7.3p1_1</lt></range>
</package>
+ <package>
+ <name>FreeBSD</name>
+ <range><ge>11.0</ge><lt>11.0_3</lt></range>
+ <range><ge>10.3</ge><lt>10.3_12</lt></range>
+ </package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
- <p> reports:</p>
- <blockquote cite="http://seclists.org/oss-sec/2016/q4/191">
- <p>OpenSSH has a memory exhaustion bug in key exchange
- process. An unauthenticated peer could repeat the KEXINIT
- and cause allocation of up to 384MB(not 128MB that the official
- said). In the default case, an attacker can build 100 such
- connections, which will consume 38400 MB of memory on the server.</p>
- </blockquote>
+ <h1>Problem Description:</h1>
+ <p>When processing the SSH_MSG_KEXINIT message, the server
+ could allocate up to a few hundreds of megabytes of memory
+ per each connection, before any authentication take place.</p>
+ <h1>Impact:</h1>
+ <p>A remote attacker may be able to cause a SSH server to
+ allocate an excessive amount of memory. Note that the default
+ MaxStartups setting on FreeBSD will limit the effectiveness
+ of this attack.</p>
</body>
</description>
<references>
<url>http://seclists.org/oss-sec/2016/q4/191</url>
<cvename>CVE-2016-8858</cvename>
+ <freebsdsa>SA-16:33.openssh</freebsdsa>
</references>
<dates>
<discovery>2016-10-19</discovery>
<entry>2016-10-29</entry>
+ <modified>2016-11-02</modified>
</dates>
</vuln>
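Review bot: the new Problem Description and Impact paragraphs carry grammar slips that will be published verbatim in the VuXML feed; in the `<p>` under `<h1>Problem Description:</h1>`, "up to a few hundreds of megabytes of memory per each connection, before any authentication take place" should read "up to a few hundred megabytes of memory per connection, before any authentication takes place", and in the Impact paragraph "cause a SSH server" should be "cause an SSH server". Dropping the unattributed `<p> reports:</p>` lead-in and the oss-sec blockquote in favour of the SA text is the right call, since the blockquote's 384MB/38400 MB figures were the reporter's claim rather than the advisory's; the oss-sec `<url>` reference is still retained for provenance, so nothing is lost. The added `<modified>2016-11-02</modified>` date matches the commit date and the new `<freebsdsa>` reference matches the Security: tag in the log message.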