OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssh | Openbsd | 3.8.1p1 (including) | 3.8.1p1 (including) |