Security Bulletin: AIX OpenSSH Vulnerability (CVE-2010-5107)
IBM PSIRT | Tags: psirtmedium psirtpower
The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
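As an added example (not part of IBM's bulletin), the shell function below audits the two `sshd_config` directives that decide how many unauthenticated connections sshd holds and for how long, `MaxStartups` and `LoginGraceTime`. It assumes the OpenSSH 6.1-and-earlier defaults (`MaxStartups 10`, `LoginGraceTime 120`) when a directive is absent; the function name and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the sshd_config directives that bound unauthenticated
# connection slots. Reads sshd_config text on stdin; exit status 1 = review.
# Assumption: an absent directive takes the OpenSSH 6.1-and-earlier default
# (MaxStartups 10, LoginGraceTime 120).
audit_sshd_slots() {
    awk '
    NF == 0 || $1 ~ /^#/ { next }            # blank lines and comments
    { key = tolower($1) }                    # keywords are case-insensitive
    key == "match" { exit }                  # global section ends at first Match
    key == "maxstartups"    && ms == "" { ms = $2 }   # first occurrence wins
    key == "logingracetime" && lg == "" { lg = $2 }
    END {
        if (ms == "") ms = "10"
        if (lg == "") lg = "120"
        bad = 0
        # start:rate:full enables random early drop; a bare integer is a hard
        # cap, so that many idle connections block all new logins.
        if (ms ~ /^[0-9]+:[0-9]+:[0-9]+$/) cap = "early-drop"
        else { cap = "hard-cap"; bad = 1 }
        print "MaxStartups " ms " " cap
        # LoginGraceTime 0 means a pending connection is never timed out.
        if (lg ~ /^0+[a-zA-Z]?$/) { grace = "unlimited"; bad = 1 }
        else grace = "bounded"
        print "LoginGraceTime " lg " " grace
        exit bad
    }'
}

# Constructed sample: MaxStartups commented out, so the old default applies.
SAMPLE_DEFAULT='Port 22
#MaxStartups 10
LoginGraceTime 120
'
# Constructed sample: random early drop enabled, shorter grace time.
SAMPLE_HARDENED='Port 22
MaxStartups 10:30:100
LoginGraceTime 30
'

printf '%s' "$SAMPLE_DEFAULT"  | audit_sshd_slots || echo "review needed"
printf '%s' "$SAMPLE_HARDENED" | audit_sshd_slots || echo "review needed"
```

On a host, feed it the live file, for example `audit_sshd_slots < /etc/ssh/sshd_config` (the path is an assumption; use the one your sshd actually reads).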
Affected product(s) & Affected version(s):
AIX 5.3, 6.1 and 7.1
Refer to the following reference URLs for remediation and additional vulnerability details.