- Home
- CVEs with nessus.description==The version of the FreeBSD kernel running on the remote host is prior to 10.3-RELEASE-p21, 11.0 prior to 11.0-RELEASE-p12, or 11.1 prior to 11.1-RELEASE-p1. It, therefore, affected by a flaw in built-in password authentication in OpenSSH. An unauthenticated, remote attacker can exploit this issue by sending very long passwords when PasswordAuthentication is enabled by the system administrator, resulting in a denial of service condition.
Note that this issue only affects hosts with PasswordAuthentication enabled in /etc/ssh/sshd_config (the default FreeBSD configuration).
You may workaround this issue by disabling PasswordAuthentication and restarting sshd.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top