* Backport from 4.4p1 (since I don't have an updated version of the GSSAPI

patch yet): - CVE-2006-4924: Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired (closes: #389995).
author: Colin Watson <cjwatson@debian.org> 2006-09-29 11:11:50 +0000
committer: Colin Watson <cjwatson@debian.org> 2006-09-29 11:11:50 +0000
commit: 0b228013734983ec12ddaa535d42704b5e4cee90 (patch)
tree: ea38d090d185ec0c05096d532ad15e56639e7ccb /packet.c
parent: 37ee889c18fbb5693ba03576f44f5b81db8c7c3c (diff)
1 files changed, 10 insertions, 3 deletions
diff --git a/packet.c b/packet.c
index 3208383e8..827ae16b3 100644
--- a/packet.c
+++ b/packet.c
@@ -992,9 +992,16 @@ packet_read_poll1(void)
         * (C)1998 CORE-SDI, Buenos Aires Argentina
         * Ariel Futoransky(futo@core-sdi.com)
         */
-        if (!receive_context.plaintext &&
+        if (!receive_context.plaintext) {
-            detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED)
+                switch (detect_attack(buffer_ptr(&input), padded_len, NULL)) {
-                packet_disconnect("crc32 compensation attack: network attack detected");
+                case DEATTACK_DETECTED:
+                        packet_disconnect("crc32 compensation attack: "
+                            "network attack detected");
+                case DEATTACK_DOS_DETECTED:
+                        packet_disconnect("deattack denial of "
+                            "service detected");
+                }
+        }
        /* Decrypt data to incoming_packet. */
        buffer_clear(&incoming_packet);
author	Colin Watson <cjwatson@debian.org>	2006-09-29 11:11:50 +0000
committer	Colin Watson <cjwatson@debian.org>	2006-09-29 11:11:50 +0000
commit	0b228013734983ec12ddaa535d42704b5e4cee90 (patch)
tree	ea38d090d185ec0c05096d532ad15e56639e7ccb /packet.c
parent	37ee889c18fbb5693ba03576f44f5b81db8c7c3c (diff)