Common Vulnerabilities and Exposures assigned an identifier CVE-2011-5000 to the following vulnerability:

Name: CVE-2011-5000
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000
Assigned: 20111224
Reference: FULLDISC:20110801 Useless OpenSSH resources exhausion bug via GSSAPI
Reference: http://seclists.org/fulldisclosure/2011/Aug/2
Reference: http://site.pi3.com.pl/adv/ssh_1.txt

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

The upstream fix for this is here:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/gss-serv.c.diff?r1=1.22;r2=1.23

Also note that this is a POST-authentication bug, meaning that an attacker would need to have valid credentials to successfully authenticate to the server in order to exploit this. If a user already has the ability to log into the server, there are a number of other mechanisms that could be exploited (arguably easier) to consume excessive resources on the server.
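
How a parser can bound a message-supplied length field before allocating for it, as an added generic example in C. It is not OpenSSH code and not the upstream patch; the helper name parse_len_prefixed and the 4-byte big-endian field layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Read a 32-bit big-endian integer from p. */
static uint32_t read_u32_be(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/*
 * Hypothetical helper (not from OpenSSH): parse one
 * [4-byte big-endian length][bytes] field from buf at *offset.
 * On success returns 0, stores a NUL-terminated heap copy in *out and
 * advances *offset. Returns -1 on malformed input, leaving *offset as is.
 */
int parse_len_prefixed(const unsigned char *buf, size_t buflen,
                       size_t *offset, char **out, size_t *outlen)
{
    size_t off = *offset;
    uint32_t len;
    char *copy;

    *out = NULL;
    /* The 4-byte length header itself must fit in what is left. */
    if (off > buflen || buflen - off < 4)
        return -1;
    len = read_u32_be(buf + off);
    off += 4;

    /* Compare by subtraction: off + len could wrap for a huge len. */
    if (len > buflen - off)
        return -1;

    /* The allocation is now bounded by the size of the received buffer. */
    copy = malloc((size_t)len + 1);
    if (copy == NULL)
        return -1;
    memcpy(copy, buf + off, len);
    copy[len] = '\0';

    *out = copy;
    *outlen = len;
    *offset = off + len;
    return 0;
}
```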
Statement: (none)
Created openssh tracking bugs for this issue

Affects: fedora-all [bug 809939]

This issue has been addressed in the following products:

Red Hat Enterprise Linux 6

Via RHSA-2012:0884 https://rhn.redhat.com/errata/RHSA-2012-0884.html