NVD

Id
72446  
Name
CVE-2004-2069  
Description
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption).  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-07-18  
Published
2004-12-31  
Modified Date
2017-07-10  
Seq
2004-2069  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
373860 72446 CVE-2004-2069 [openssh-unix-dev] 20040127 OpenSSH - Connection problem when LoginGraceTime exceeds time  View
373861 72446 CVE-2004-2069 [openssh-unix-dev] 20040128 Re: OpenSSH - Connection problem when LoginGraceTime exceeds time  View
373862 72446 CVE-2004-2069 oval:org.mitre.oval:def:11541  View
373863 72446 CVE-2004-2069 RHSA-2005:550  View
373864 72446 CVE-2004-2069 http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf  View
373865 72446 CVE-2004-2069 http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf  View
373866 72446 CVE-2004-2069 FLSA-2006:168935  View
373867 72446 CVE-2004-2069 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4  View
373868 72446 CVE-2004-2069 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2  View
373869 72446 CVE-2004-2069 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2  View
373870 72446 CVE-2004-2069 14963  View
373871 72446 CVE-2004-2069 http://www.vmware.com/download/esx/esx-202-200610-patch.html  View
373872 72446 CVE-2004-2069 http://www.vmware.com/download/esx/esx-213-200610-patch.html  View
373873 72446 CVE-2004-2069 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html  View
373874 72446 CVE-2004-2069 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html  View
373875 72446 CVE-2004-2069 ADV-2006-4502  View
373876 72446 CVE-2004-2069 openssh-sshdc-logingracetime-dos(20930)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
62684 JVNDB-2004-000025 OpenSSH の sshd_config におけるサービス運用妨害 (DoS) の脆弱性 OpenSSH には、sshd を特権分離モードで動作している場合、MaxStartups や LoginGraceTime 設定変数の処理に不備が存在するため、正規ユーザによる接続が妨害される脆弱性が存在します。 CVE-2004-2069 10494 CVE-2004-2069 72446 5 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000025.html 2004-01-28 2007-04-01 View