Family: Gain root remotely --> Category: infos
Portable SSH OpenSSH < 3.7.1p2 Vulnerability Scan
Vulnerability Scan Summary
Checks for the remote SSH version
Detailed Explanation for this Vulnerability Test
You are running OpenSSH 3.7p1 or 3.7.1p1.
These versions are vulnerable to a flaw in the way they handle PAM
authentication and may allow a possible hacker to gain a shell on this host.
*** Note that Nessus did not detect whether PAM is being enabled
*** in the remote sshd or not, so this might be a false positive.
Solution : Upgrade to OpenSSH 3.7.1p2 or disable PAM support in sshd_config
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.