Family: Gain root remotely --> Category: infos
OpenSSH <= 3.3 Vulnerability Scan
Vulnerability Scan Summary
Checks for the remote SSH version
Detailed Explanation for this Vulnerability Test
You are running a version of OpenSSH which is older than 3.4
There is a flaw in this version that can be exploited remotely to
give a possible hacker a shell on this host.
Note that several distribution patched this hole without changing
the version number of OpenSSH. Since Nessus solely relied on the
banner of the remote SSH server to perform this check, this might
be a false positive.
If you are running a RedHat host, make sure that the command :
rpm -q openssh-server
Solution : Upgrade to OpenSSH 3.4 or contact your vendor for a patch
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.