[Bug 2265] ServerAlive{Interval, CountMax} ignored if using an active -R or -L tunnel

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Sep 3 19:02:44 EST 2014


https://bugzilla.mindrot.org/show_bug.cgi?id=2265

--- Comment #1 from openssh at orib.net ---
Note that in some circumstances this can be leveraged into a
denial-of-service attack - if an attacker is able to disconnect a
remote connection and feed data locally at the same time, they can
avoid new data coming in.

(I found this out while investigating what looked like a DOS but
eventually wasn't)

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list