COMMAND

    SSH Secure Shell

SYSTEMS AFFECTED

    SSH Secure Shell for Windows Server 2.4

PROBLEM

    The following is based on U.S.S.R labs Security Advisory
    USSR-2001001 by Luciano Martins.  UssrLabs has recently discovered
    a problem with Windows versions of sshd.  The problem lies in
    adjacent connection handling: sshd is unable to handle 64
    simultaneous connections.  As a result sshd will crash, and it
    will accept no further service requests.

    The problem lies in ssheloop.c where the assertion test fails.

    The Event Log displays the following code after 64 connections are
    spawned:

        FATAL ERROR: E:\src\lib\sshutil\ssheloop\win32\ssheloop.c:1597 SshEventLoop
        (function name unavailable) Assertion failed: ssh_adt_num_objects(ssh_eloop_events) < 64

    Proper error handling has evidently not been implemented for
    SshEventLoop, so the failed assertion ultimately causes the
    crash.  This results in a Denial of Service against the service in
    question.

SOLUTION

    SSH Secure Shell for Windows Server 2.5 will be available soon.
    If there are more than 64 active connections in the SSH Secure
    Shell Windows server, the sshd mother process dies.  SSH
    Communications Security is currently fixing this problem.  In the
    meantime, a temporary solution is available.  As every active
    connection creates at least one event, setting the MaxConnections
    keyword in the sshd2_config file to a value under 64 avoids the
    problem:

        ## General settings
                MaxConnections                  50

    Setting the maximum number of connections to 50 leaves a safe
    margin for additional events which are generated depending on the
    environment.
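
    To confirm that the workaround is actually in place, the check
    below audits the text of an sshd2_config file.  It is an added
    example, not part of the original advisory or of the SSH product.
    Assumptions: keywords are case-insensitive, "#" starts a comment,
    and a missing MaxConnections or a value of 0 means no limit; the
    function name and sample text are constructed for illustration.

```python
EVENT_LIMIT = 64  # limit named in the assertion message quoted in the advisory


def audit_max_connections(config_text, limit=EVENT_LIMIT):
    """Return (ok, message) describing whether the workaround is applied."""
    found = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments (assumed syntax)
        if not line:
            continue
        parts = line.split(None, 1)
        if parts[0].lower() != "maxconnections":  # assumed case-insensitive
            continue
        if len(parts) < 2 or not parts[1].strip().isdigit():
            return False, f"line {lineno}: MaxConnections has no numeric value"
        found.append((lineno, int(parts[1].strip())))
    if not found:
        return False, "MaxConnections not set (assumed to mean no limit)"
    # Be conservative: every occurrence must be safe, whichever one wins.
    for lineno, value in found:
        if value == 0:
            return False, f"line {lineno}: MaxConnections 0 (assumed no limit)"
        if value >= limit:
            return False, f"line {lineno}: MaxConnections {value} is not under {limit}"
    return True, f"MaxConnections {found[-1][1]} is under {limit}"


# Constructed sample configurations, not taken from a real server.
SAMPLE_OK = """## General settings
        Port                            22
        MaxConnections                  50
"""
SAMPLE_COMMENTED_OUT = """## General settings
        # MaxConnections                50
"""
SAMPLE_TOO_HIGH = "MaxConnections 64\n"

if __name__ == "__main__":
    for name, text in [("ok", SAMPLE_OK),
                       ("commented out", SAMPLE_COMMENTED_OUT),
                       ("too high", SAMPLE_TOO_HIGH)]:
        ok, message = audit_max_connections(text)
        print(f"{name}: {'PASS' if ok else 'FAIL'} - {message}")
```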