Debian Bug report logs - #392428
ssh: OpenSSH Duplicated Block Remote Denial of Service Vulnerability (CVE-2006-4924)

version graph

Package: ssh; Maintainer for ssh is Debian OpenSSH Maintainers <>; Source for ssh is src:openssh.

Reported by: Rebeka <>

Date: Wed, 11 Oct 2006 18:03:02 UTC

Severity: normal

Found in version openssh/1:3.8.1p1-8.sarge.4

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to, Matthew Vernon <>:
Bug#392428; Package ssh. Full text and rfc822 format available.

Acknowledgement sent to Rebeka <>:
New Bug report received and forwarded. Copy sent to Matthew Vernon <>. Full text and rfc822 format available.

Message #5 received at (full text, mbox):

From: Rebeka <>
Subject: ssh: OpenSSH Duplicated Block Remote Denial of Service Vulnerability (CVE-2006-4924)
Date: Wed, 11 Oct 2006 10:52:48 -0700 (PDT)
Package: ssh
Version: 1:3.8.1p1-8.sarge.4

*** Please type your report below this line ***
I've seen this issue reported and patched for the testing version of
openssh, but not for the current stable release.  This is a serious
vulnerability for ssh version 1.

More information can be found at

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages ssh depends on:
ii  adduser               3.63               Add and remove users and groups
ii  debconf               Debian configuration management sy
ii  dpkg                  1.10.28            Package maintenance system for Deb
ii  libc6                 2.3.2.ds1-22sarge3 GNU C Library: Shared libraries an
ii  libpam-modules        0.76-22            Pluggable Authentication Modules f
ii  libpam-runtime        0.76-22            Runtime support for the PAM librar
ii  libpam0g              0.76-22            Pluggable Authentication Modules l
ii  libssl0.9.7           0.9.7e-3sarge4     SSL shared libraries
ii  libwrap0              7.6.dbs-8          Wietse Venema's TCP wrappers libra
ii  zlib1g                1:1.2.2-4.sarge.2  compression library - runtime

-- debconf information excluded

Send a report that this bug log contains spam.

Debian bug tracking system administrator <>. Last modified: Thu Apr 17 04:03:45 2014; Machine Name:

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.