CVE-2006-1206 : Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux de

Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30.

Published 2006-03-14 01:06:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2006-1206

Dropbear Ssh Project » Dropbear Ssh
Versions up to, including, (<=) 0.47
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-1206

EPSS FAQ

5.78%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 90 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-1206

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2006-1206

http://www.securityfocus.com/archive/1/426999/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/25075

VDB Entry
http://www.securityfocus.com/bid/17024

Patch;Third Party Advisory;VDB Entry
http://securitytracker.com/id?1015742

GoDaddy Domain Name Search
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2006-1206

Products affected by CVE-2006-1206

Exploit prediction scoring system (EPSS) score for CVE-2006-1206

CVSS scores for CVE-2006-1206

References for CVE-2006-1206