Security Advisory

CVE-2016-8858

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-12-09 00:00:00

Last updated 2024-08-06 02:35:01

Assigner mitre

State PUBLISHED

Description

The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."

← Browse all CVEs View on cve.org ↗