Family: Debian Local Security Checks --> Category: infos
[DSA027] DSA-027-1 OpenSSH Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Versions of OpenSSH prior to 2.3.0 are vulnerable to a remote arbitrary
memory overwrite attack which may lead to a root exploit.
CORE-SDI has described a problem with regards to RSA key exchange and a
Bleichenbacher attack to gather the session key from an ssh session.
Both of these issues have been corrected in our ssh package 1.2.3-9.2.
We recommend you upgrade your openssh package immediately.
Solution : http://www.debian.org/security/2001/dsa-027
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.