Family: Gain a shell remotely --> Category: infos
SSH Insertion Attack Vulnerability Scan
Vulnerability Scan Summary
Checks for the remote SSH version
Detailed Explanation for this Vulnerability Test
The remote SSH server contains a cryptographical weakness which might allow
a third party to decrypt the traffic.
The remote host is running a version of SSH which is older than (or as old as)
The remote version of this software is vulnerable to a known plain text attack,
which may allow a possible hacker to insert encrypted packets in the client - server
stream that will be deciphered by the server, thus allowing the attacker to
execute arbitrary commands on the remote server
Upgrade to version 1.2.25 of SSH which solves this problem.
Low / CVSS Base Score : 3
Click HERE for more information and discussions on this network vulnerability scan.