Wind River Support Network

HomeDefectsLIN5-13473
Fixed

LIN5-13473 : Security Advisory - openssh - CVE-2010-5107

Created: Mar 18, 2013    Updated: Dec 19, 2017
Resolved Date: Jan 23, 2014
Previous ID: LIN3-13093
Found In Version: 5.0
Fix Version: 5.0.1.12
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5107

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online