|
Family: Gain a shell remotely --> Category: infos
OpenSSH < 3.0.1 Vulnerability Scan
Vulnerability Scan Summary Checks for the remote SSH version
Detailed Explanation for this Vulnerability Test
You are running a version of OpenSSH which is older than 3.0.1.
Versions older than 3.0.1 are vulnerable to a flaw in which
a possible hacker may authenticate, provided that Kerberos V support
has been enabled (which is not the case by default).
It is also vulnerable as an excessive memory clearing bug,
believed to be unexploitable.
*** You may ignore this warning if this host is not using
*** Kerberos V
Solution : Upgrade to OpenSSH 3.0.1
Threat Level: Low (if you are not using Kerberos) / High (if kerberos is enabled)
Click HERE for more information and discussions on this network vulnerability scan.
|