Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Gain root remotely --> Category: infos

OpenSSH UseLogin Environment Variables Vulnerability Scan

Vulnerability Scan Summary
Checks for the remote SSH version

Detailed Explanation for this Vulnerability Test

You are running a version of OpenSSH which is older than 3.0.2.

Versions prior than 3.0.2 are vulnerable to an environment variables
export that can allow a local user to execute command with root
rights. This problem affect only versions prior than 3.0.2, and
when the UseLogin feature is enabled (usually disabled by default)

Solution : Upgrade to OpenSSH 3.0.2 or apply the patch for prior
versions. (Available at:

Threat Level: High (If UseLogin is enabled, and locally)

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.