Unrated severityNVD Advisory· Published Sep 27, 2006· Updated Jun 16, 2026

CVE-2006-4924

Description

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

OpenBSD/OpenSSH56 versions
cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*+ 55 more
- cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*
OpenSSL Project/OpenSSLllm-fuzzy
Range: <4.4

Patches

Vulnerability mechanics

References

www.debian.org/security/2006/dsa-1189nvdPatch
www.debian.org/security/2006/dsa-1212nvdPatch
bugzilla.redhat.com/bugzilla/show_bug.cginvdPatchVendor Advisory
www.securityfocus.com/bid/20216nvdExploitPatch
secunia.com/advisories/21923nvdVendor Advisory
secunia.com/advisories/22091nvdVendor Advisory
secunia.com/advisories/22116nvdVendor Advisory
secunia.com/advisories/22158nvdVendor Advisory
secunia.com/advisories/22164nvdVendor Advisory
secunia.com/advisories/22183nvdVendor Advisory
secunia.com/advisories/22196nvdVendor Advisory
secunia.com/advisories/22208nvdVendor Advisory
secunia.com/advisories/22236nvdVendor Advisory
secunia.com/advisories/22245nvdVendor Advisory
secunia.com/advisories/22270nvdVendor Advisory
secunia.com/advisories/22298nvdVendor Advisory
secunia.com/advisories/22352nvdVendor Advisory
secunia.com/advisories/22362nvdVendor Advisory
secunia.com/advisories/22487nvdVendor Advisory
secunia.com/advisories/22495nvdVendor Advisory
secunia.com/advisories/22823nvdVendor Advisory
secunia.com/advisories/22926nvdVendor Advisory
secunia.com/advisories/23038nvdVendor Advisory
secunia.com/advisories/23241nvdVendor Advisory
secunia.com/advisories/23340nvdVendor Advisory
www.kb.cert.org/vuls/id/787448nvdUS Government Resource
www.us-cert.gov/cas/techalerts/TA07-072A.htmlnvdUS Government Resource
ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.ascnvd
ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txtnvd
patches.sgi.com/support/free/security/advisories/20061001-01-P.ascnvd
blogs.sun.com/security/entry/sun_alert_102962_security_vulnerabilitynvd
bugs.gentoo.org/show_bug.cginvd
docs.info.apple.com/article.htmlnvd
itrc.hp.com/service/cki/docDisplay.donvd
lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlnvd
marc.infonvd
secunia.com/advisories/23680nvd
secunia.com/advisories/24479nvd
secunia.com/advisories/24799nvd
secunia.com/advisories/24805nvd
secunia.com/advisories/25608nvd
secunia.com/advisories/29371nvd
secunia.com/advisories/34274nvd
security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.ascnvd
security.gentoo.org/glsa/glsa-200609-17.xmlnvd
security.gentoo.org/glsa/glsa-200611-06.xmlnvd
securitytracker.com/idnvd
slackware.com/security/viewer.phpnvd
sourceforge.net/forum/forum.phpnvd
sourceforge.net/project/shownotes.phpnvd
sunsolve.sun.com/search/document.donvd
support.avaya.com/elmodocs2/security/ASA-2006-216.htmnvd
support.avaya.com/elmodocs2/security/ASA-2006-262.htmnvd
www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.htmlnvd
www.mandriva.com/security/advisoriesnvd
www.novell.com/linux/security/advisories/2006_24_sr.htmlnvd
www.novell.com/linux/security/advisories/2006_62_openssh.htmlnvd
www.openbsd.org/errata.htmlnvd
www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.htmlnvd
www.osvdb.org/29152nvd
www.redhat.com/support/errata/RHSA-2006-0697.htmlnvd
www.redhat.com/support/errata/RHSA-2006-0698.htmlnvd
www.securityfocus.com/archive/1/447153/100/0/threadednvd
www.trustix.org/errata/2006/0054nvd
www.ubuntu.com/usn/usn-355-1nvd
www.vmware.com/support/vi3/doc/esx-3069097-patch.htmlnvd
www.vmware.com/support/vi3/doc/esx-9986131-patch.htmlnvd
www.vupen.com/english/advisories/2006/3777nvd
www.vupen.com/english/advisories/2006/4401nvd
www.vupen.com/english/advisories/2006/4869nvd
www.vupen.com/english/advisories/2007/0930nvd
www.vupen.com/english/advisories/2007/1332nvd
www.vupen.com/english/advisories/2007/2119nvd
www.vupen.com/english/advisories/2009/0740nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29158nvd
hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sgnvd
issues.rpath.com/browse/RPL-661nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.028
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000