Main Vulnerability Database SB2012040502

SB2012040502 - Input validation error in OpenSSH

Published: April 5, 2012 Updated: August 11, 2020

Security Bulletin ID SB2012040502

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2011-5000)

The vulnerability allows remote authenticated users to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (memory consumption) via a large value in a certain length field.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

http://rhn.redhat.com/errata/RHSA-2012-0884.html
http://seclists.org/fulldisclosure/2011/Aug/2
http://site.pi3.com.pl/adv/ssh_1.txt