Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 156996 - CAN-2004-2069 openssh DoS issue
Summary: CAN-2004-2069 openssh DoS issue
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: openssh
Version: 3.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Brian Brock
Whiteboard: impact=low,public=20040127,reported=b...
: 144799 (view as bug list)
Depends On:
Blocks: 156320
TreeView+ depends on / blocked
Reported: 2005-05-05 21:27 UTC by Josh Bressers
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version: RHSA-2005-550
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2005-09-28 14:31:49 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2005:550 qe-ready SHIPPED_LIVE Low: openssh security update 2005-09-28 04:00:00 UTC

Description Josh Bressers 2005-05-05 21:27:22 UTC
This information comes from

Basically, the MaxStartups (10) and LoginGraceTime (120 seconds) settings are
supposed to defend against DoS, but when run in privilege-separated mode (the
default), OpenSSH server does not properly kill its children after
LoginGraceTime expires. Thus, sshd processes that are still in authentication
phase after LoginGraceTime expires can hang around forever, and you can DoS an
FC2 OpenSSH server with default settings by simply opening up 10 connections to
the server, specifying an SSH key with a passphrase, and never typing the

Comment 1 Tomas Mraz 2005-05-25 13:04:39 UTC
*** Bug 144799 has been marked as a duplicate of this bug. ***

Comment 2 Josh Bressers 2005-06-02 15:28:32 UTC

Do you know if this issue also affects RHEL4?

My notes say no, but I want to double check.

Comment 3 Tomas Mraz 2005-06-02 18:04:10 UTC
This was fixed upstream before 3.9p1 version was released, so it doesn't affect

Comment 6 Red Hat Bugzilla 2005-09-28 14:31:50 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

Note You need to log in before you can comment on or make changes to this bug.