Reported March 15, 2001, by USSR Labs.

VERSION AFFECTED

  • SSH Secure Shell Server for Windows 2.4

DESCRIPTION


A vulnerability exists in version 2.4 of SSH’s Secure Shell Server for Windows that makes it possible for an attacker to spawn 64 concurrent connections and cause the server to stop responding and serving requests, resulting in a Denial of Service (DoS) condition.


VENDOR RESPONSE

 

The vendor, SSH Communications Security, has been notified and will release version 2.5 to fix this vulnerability.

 

CREDIT

Discovered by Luciano Martins of USSR Labs.