Developers Documentation



301 error for file:

User Tools

Site Tools

CVE 2006-4924

'sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.'

ClearCenter response

Short response

This CVE is addressed in a backported fix to ClearOS. ClearOS 5.x systems were never vulnerable to this bug.

Long response

Previous fixes before the release of ClearOS 5 addressed this issue. ClearOS does not increment version numbers in order to maintain dependencies between subsystems. The audit system has not taken into account ClearOS minor version numbers which correctly represent the fix to the system.

ClearOS has backported fixes to this problem. All versions of ClearOS 5.x are not vulnerable to this issue. ClearOS 6 and later are also not affected by this issue.


No action required.

content/en_us/announcements_cve_cve-2006-4924.txt · Last modified: 2014/12/22 10:29 by dloper