CVE-2004-2069
Published 2004-12-31
Priority P4 · 19 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 3.37% (87.2th percentile)
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption).
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | < openssh 1:3.8p1 (bookworm) | openssh 1:3.8p1 (bookworm) |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | >= 0 < 1:3.8p1 | 1:3.8p1 |
| openbsd | openssh | >= 0 < 1:3.8p1 | 1:3.8p1 |
| openbsd | openssh | >= 0 < 1:3.8p1 | 1:3.8p1 |
| openbsd | openssh | >= 0 < 1:3.8p1 | 1:3.8p1 |
CVSS provenance
nvd · v2.0 · 5.0 · MEDIUM · AV:N/AC:L/Au:N/C:N/I:N/A:P
osv · 5.0 · MEDIUM
vendor_debian · 5.0 · MEDIUM
vendor_redhat · 5.0 · MEDIUM
GHSA
GHSA-pwvm-3xfp-52vg: sshd
ghsa_unreviewed·2022-04-29
CVE-2004-2069 [MEDIUM] GHSA-pwvm-3xfp-52vg: sshd
OSV
CVE-2004-2069: sshd
osv·2004-12-31·CVSS 5.0
CVE-2004-2069 [MEDIUM] CVE-2004-2069: sshd
Red Hat
security flaw
vendor_redhat·2004-01-27·CVSS 5.0
CVE-2004-2069 [MEDIUM] security flaw
Debian
CVE-2004-2069: openssh - sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using pr...
vendor_debian·2004·CVSS 5.0
CVE-2004-2069 [MEDIUM] CVE-2004-2069: openssh - sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using pr...
Scope: local
bookworm: resolved (fixed in 1:3.8p1)
bullseye: resolved (fixed in 1:3.8p1)
forky: resolved (fixed in 1:3.8p1)
sid: resolved (fixed in 1:3.8p1)
trixie: resolved (fixed in 1:3.8p1)
No detection rules found.
No public exploits indexed.
References
http://marc.info/?l=openssh-unix-dev&m=107520317020444&w=2
http://marc.info/?l=openssh-unix-dev&m=107529205602320&w=2
http://rhn.redhat.com/errata/RHSA-2005-550.html
http://secunia.com/advisories/17000
http://secunia.com/advisories/17135
http://secunia.com/advisories/17252
http://secunia.com/advisories/22875
http://secunia.com/advisories/23680
http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf
http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf
http://www.osvdb.org/16567
http://www.securityfocus.com/archive/1/425397/100/0/threaded
http://www.securityfocus.com/archive/1/451404/100/0/threaded
http://www.securityfocus.com/archive/1/451417/100/200/threaded
http://www.securityfocus.com/archive/1/451426/100/200/threaded
http://www.securityfocus.com/bid/14963
http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www.vupen.com/english/advisories/2006/4502
https://exchange.xforce.ibmcloud.com/vulnerabilities/20930
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11541
Published: 2004-12-31