BSA-2017-247
21331
15 July 2019
28 April 2017
Closed
High
7.5
N/A
CVE-2016-6515
Summary Security Advisory ID : BSA-2017-247 Component : OpenSSH Revision : 3.0: Final
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
Affected Products
Product |
Current Assessment |
|---|---|
| Brocade Fabric OS | Impacted: Fixed in FOS 8.2.0, FOS7.4.2 |
Revision History
| Version | Change | Date |
|---|---|---|
| 1.0 | Initial Publication | August 25, 2017 |
| 2.0 | Updated to address FOS | September 8, 2017 |
| 3.0 | Updated to address Fibre Channel Only | July 15, 2019 |