Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Gain a shell remotely --> Category: infos

SSH 3 AllowedAuthentication Vulnerability Scan

Vulnerability Scan Summary
Checks for the remote SSH version

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote SSH server may accept password-based authentications even when
not explicitely enabled.

Description :

The remote host is running a version of SSH which is older than 3.1.2
and newer or equal to 3.0.0.

There is a vulnerability in this release that may, under some circumstances,
allow users to authenticate using a password whereas it is not explicitly
listed as a valid authentication mechanism.

A possible hacker may use this flaw to attempt to brute force a password using a
dictionary attack (if the passwords used are weak).

Solution :

Upgrade to version 3.1.2 of SSH which solves this problem.

Threat Level:

Low / CVSS Base Score : 2

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.