CVE-2006-4924
EPSS 54.3%openssh
Published: 9/27/2006Modified: 4/28/2026
Description
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Affected packages (4)
- Debian/opensshfrom 0, < 1:4.3p2-4
- Debian/opensshfrom 0, < 1:3.8.1p1-8.sarge.6
- Debian/opensshfrom 0, < 1:3.8.1p1-8.sarge.6
- Debian/openssh-krb5from 0, < 3.8.1p1-7sarge1