CVE-2016-6515

This exploit targets a CPU consumption vulnerability in OpenSSH before 7.3 by sending a crafted password of 90,000 characters during authentication, causing excessive CPU usage and a denial-of-service condition.

This repository contains a functional exploit for CVE-2016-6515, a denial-of-service vulnerability in OpenSSH versions before 7.3. The exploit leverages the lack of password length limits during authentication, causing excessive CPU consumption via a long password string.

This repository contains a functional proof-of-concept exploit for CVE-2016-6515, which causes a denial-of-service (DoS) in OpenSSH servers by sending an excessively long password during authentication, leading to excessive CPU usage and potential crashes.

This repository provides a Docker container with a vulnerable version of OpenSSH (7.2p2) to demonstrate CVE-2016-6515, a vulnerability in OpenSSH's PAM authentication. The container runs a vulnerable SSH server, allowing for testing of the exploit.