|
Family: Gain a shell remotely --> Category: infos
OpenSSH Client Unauthorized Remote Forwarding Vulnerability Scan
Vulnerability Scan Summary Checks for the remote SSH version
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote SSH client does not disable X11 forwarding.
Description :
The remote host is running a version of the OpenSSH client older than or
as old as version 2.3.0.
This version does not properly disable X11 or agent forwarding,
which could allow a malicious SSH server to gain access to the X11
display and sniff X11 events, or gain access to the ssh-agent.
Solution :
Install the newest version of OpenSSH, available at http://www.openssh.com
Threat Level:
Low / CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|