ALPINE-CVE-2016-6515

See a problem?
Please try reporting it to the source first.

Source

https://security.alpinelinux.org/vuln/CVE-2016-6515

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/alpine/ALPINE-CVE-2016-6515.json

JSON Data

https://api.test.osv.dev/v1/vulns/ALPINE-CVE-2016-6515

Upstream

CVE-2016-6515

Published

2016-08-07T21:59:09Z

Modified

2025-09-25T23:51:50.574538Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.

References

https://security.alpinelinux.org/vuln/CVE-2016-6515

Affected packages

Alpine:v3.2 / openssh

Package

Name: openssh
Purl: pkg:apk/alpine/openssh?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.8_p1-r8

Affected versions

5.*

5.1p1-r0

5.1_p1-r1

5.1_p1-r2

5.2_p1-r0

5.2_p1-r1

5.2_p1-r2

5.2_p1-r3

5.3_p1-r3

5.4_p1-r0

5.4_p1-r1

5.4_p1-r2

5.4_p1-r3

5.5_p1-r0

5.6_p1-r0

5.6_p1-r1

5.8_p1-r0

5.8_p1-r1

5.8_p1-r2

5.8_p2-r0

5.8_p2-r1

5.8_p2-r2

5.9_p1-r0

5.9_p1-r1

5.9_p1-r2

6.*

6.0_p1-r0

6.1_p1-r0

6.1_p1-r1

6.1_p1-r2

6.2_p1-r0

6.2_p2-r0

6.2_p2-r1

6.2_p2-r2

6.3_p1-r0

6.3_p1-r1

6.3_p1-r2

6.4_p1-r0

6.4_p1-r1

6.6_p1-r0

6.6_p1-r1

6.6_p1-r2

6.6_p1-r3

6.6_p1-r4

6.6_p1-r5

6.6_p1-r6

6.7_p1-r0

6.8_p1-r0

6.8_p1-r1

6.8_p1-r2

6.8_p1-r3

6.8_p1-r4

6.8_p1-r5

6.8_p1-r6

6.8_p1-r7

Alpine:v3.3 / openssh

Package

Name: openssh
Purl: pkg:apk/alpine/openssh?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2_p2-r2

Affected versions

5.*

5.1p1-r0

5.1_p1-r1

5.1_p1-r2

5.2_p1-r0

5.2_p1-r1

5.2_p1-r2

5.2_p1-r3

5.3_p1-r3

5.4_p1-r0

5.4_p1-r1

5.4_p1-r2

5.4_p1-r3

5.5_p1-r0

5.6_p1-r0

5.6_p1-r1

5.8_p1-r0

5.8_p1-r1

5.8_p1-r2

5.8_p2-r0

5.8_p2-r1

5.8_p2-r2

5.9_p1-r0

5.9_p1-r1

5.9_p1-r2

6.*

6.0_p1-r0

6.1_p1-r0

6.1_p1-r1

6.1_p1-r2

6.2_p1-r0

6.2_p2-r0

6.2_p2-r1

6.2_p2-r2

6.3_p1-r0

6.3_p1-r1

6.3_p1-r2

6.4_p1-r0

6.4_p1-r1

6.6_p1-r0

6.6_p1-r1

6.6_p1-r2

6.6_p1-r3

6.6_p1-r4

6.6_p1-r5

6.6_p1-r6

6.7_p1-r0

6.8_p1-r0

6.8_p1-r1

6.8_p1-r2

6.9_p1-r0

6.9_p1-r1

6.9_p1-r2

6.9_p1-r3

6.9_p1-r4

6.9_p1-r5

7.*

7.1_p1-r0

7.1_p1-r1

7.1_p2-r0

7.2_p1-r0

7.2_p2-r0

7.2_p2-r1

Alpine:v3.4 / openssh

Package

Name: openssh
Purl: pkg:apk/alpine/openssh?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2_p2-r2

Affected versions

5.*

5.1p1-r0

5.1_p1-r1

5.1_p1-r2

5.2_p1-r0

5.2_p1-r1

5.2_p1-r2

5.2_p1-r3

5.3_p1-r3

5.4_p1-r0

5.4_p1-r1

5.4_p1-r2

5.4_p1-r3

5.5_p1-r0

5.6_p1-r0

5.6_p1-r1

5.8_p1-r0

5.8_p1-r1

5.8_p1-r2

5.8_p2-r0

5.8_p2-r1

5.8_p2-r2

5.9_p1-r0

5.9_p1-r1

5.9_p1-r2

6.*

6.0_p1-r0

6.1_p1-r0

6.1_p1-r1

6.1_p1-r2

6.2_p1-r0

6.2_p2-r0

6.2_p2-r1

6.2_p2-r2

6.3_p1-r0

6.3_p1-r1

6.3_p1-r2

6.4_p1-r0

6.4_p1-r1

6.6_p1-r0

6.6_p1-r1

6.6_p1-r2

6.6_p1-r3

6.6_p1-r4

6.6_p1-r5

6.6_p1-r6

6.7_p1-r0

6.8_p1-r0

6.8_p1-r1

6.8_p1-r2

6.9_p1-r0

6.9_p1-r1

6.9_p1-r2

6.9_p1-r3

6.9_p1-r4

6.9_p1-r5

7.*

7.1_p1-r0

7.1_p1-r1

7.1_p2-r0

7.2_p1-r0

7.2_p2-r0

7.2_p2-r1