CVE-2015-5600

The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

Published : 2015-08-03 01:59 Updated : 2018-09-11 10:29

8.5
CVSS Score More info
Score 8.5 / 10
8.5
Vendor Product Version URI
Openbsd Openssh 6.9 cpe:/a:openbsd:openssh:6.9
  1. Openbsd (1) Search CVE
    1. Openssh (1) Search CVE
      1. 6.9

CWE

ID Name Description Links
CWE-264 Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. CVE

References

Source Link
CONFIRM http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c
CONFIRM http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c.diff?r1=1.42&r2=1.43&f=h
CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10697
APPLE http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162955.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
MLIST http://openwall.com/lists/oss-security/2015/07/23/4
REDHAT http://rhn.redhat.com/errata/RHSA-2016-0466.html
FULLDISC http://seclists.org/fulldisclosure/2015/Jul/92
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
CONFIRM http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
BID http://www.securityfocus.com/bid/75990
BID http://www.securityfocus.com/bid/91787
BID http://www.securityfocus.com/bid/92012
UBUNTU http://www.ubuntu.com/usn/USN-2710-1
UBUNTU http://www.ubuntu.com/usn/USN-2710-2
CONFIRM https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480
CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128992
CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10136
CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10157
GENTOO https://security.gentoo.org/glsa/201512-04
CONFIRM https://support.apple.com/kb/HT205031
SECTRACK http://www.securitytracker.com/id/1032988
CONFIRM https://security.netapp.com/advisory/ntap-20151106-0001/
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
MLIST https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html