VYPR
High severity 7.5 · NVD Advisory · Published Mar 7, 2013 · Updated May 29, 2026

CVE-2010-5107

Description

OpenSSH default configuration enables remote attackers to exhaust connection slots via many TCP connections before login completion.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The default configuration of OpenSSH through version 6.1 enforces a fixed time limit (LoginGraceTime, default 120 seconds) between establishing a TCP connection and completing a login [3]. This allows an attacker to keep multiple connections in the pre-authentication state for the duration of the grace time, potentially exhausting all available MaxStartups slots (default 10 unauthenticated connections) on the server [3][4].

Exploitation

An attacker can open numerous TCP connections to the SSH server without completing authentication. By measuring the LoginGraceTime (e.g., by waiting for the connection to close after a delay), the attacker times the connections to remain open for the full grace period. Repeated connection attempts fill the server's connection slot limit, preventing new connections [3].

Impact

Successful exploitation leads to a denial of service (DoS) condition where the SSH server refuses new connections due to exhaustion of pre-authentication connection slots. This can disrupt legitimate administrative access and automated SSH-based services, but does not allow code execution or data compromise.

Mitigation

Red Hat Enterprise Linux addressed this in RHSA-2013:1591 [1]; users should apply updates that increase MaxStartups or implement rate limiting. For OpenSSH versions 6.2 and later, set MaxStartups to a higher value (e.g., 10:30:60 to start dropping connections after a threshold) or use firewall rules to limit incoming connection rates [4]. If no patch is available, adjust the configuration to mitigate the attack.
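
The MaxStartups and LoginGraceTime settings discussed above can be checked offline. The following is an added example, not part of the advisory or of OpenSSH: a Python audit of sshd_config text that follows the semantics documented in sshd_config(5) (the first value per keyword wins; the refusal probability rises linearly from rate% at start to 100% at full). The sample configurations, the LoginGraceTime value of 30 and the 60-second max_grace threshold are assumptions made for the example.

```python
import re

DEFAULTS = {"logingracetime": "120", "maxstartups": "10"}  # per the advisory
UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
WEAK = "LoginGraceTime 2m\nMaxStartups 10\n"  # constructed sample
HARDENED = "LoginGraceTime 30\nMaxStartups 10:30:60\nMaxStartups 100\n"  # constructed

def effective(config_text):
    """Global values in effect: sshd keeps the first value seen per keyword."""
    seen = {}
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].split()
        key = parts[0].lower() if parts else ""
        if key == "match":  # both keywords are global-only
            break
        if key in DEFAULTS and len(parts) > 1:
            seen.setdefault(key, parts[1])
    return {**DEFAULTS, **seen}

def seconds(value):
    """Parse sshd_config time formats such as 120, 2m or 1m30s."""
    if not re.fullmatch(r"(\d+[smhdw]?)+", value, re.I):
        raise ValueError(f"bad time value: {value!r}")
    return sum(int(n) * UNITS[u.lower()]
               for n, u in re.findall(r"(\d+)([smhdw]?)", value, re.I))

def parse_maxstartups(value):
    """Return (start, rate, full); a bare integer is a hard cap."""
    nums = [int(x) for x in value.split(":")]
    return (nums[0], 100, nums[0]) if len(nums) == 1 else tuple(nums)

def refuse_probability(unauth, start, rate, full):
    """Chance a new connection is refused with `unauth` pending logins."""
    if unauth < start:
        return 0.0
    if unauth >= full or rate == 100:
        return 1.0
    return (rate + (100 - rate) * (unauth - start) / (full - start)) / 100

def audit(config_text, max_grace=60):  # max_grace: threshold assumed here
    eff = effective(config_text)
    grace = seconds(eff["logingracetime"])
    start, _rate, full = parse_maxstartups(eff["maxstartups"])
    findings = []
    if grace == 0 or grace > max_grace:
        findings.append(f"LoginGraceTime {grace}s holds slots too long")
    if start == full:
        findings.append(f"MaxStartups {full} is a hard cap, no early drop")
    return findings
```

The duplicate MaxStartups line in HARDENED is deliberate: a later, weaker value does not override the first one, which is the case an audit of a layered configuration has to get right.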

AI Insight generated on May 29, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

84
  • OpenBSD/OpenSSH: 84 versions
    cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:* + 83 more
    • cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:* range: <=6.1
    • (no CPE) range: <=6.1
