Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gain a shell remotely --> Category: infos

SSH Kerberos issue Vulnerability Scan


Vulnerability Scan Summary
Checks for the remote SSH version

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote SSH server does not properly protect the kerberos tickets of
the users.

Description :

The remote host is running a version of SSH which is older than (or as old as)
version 1.2.27.

There is a flaw in the remote version of this software which allows a possible hacker
to eavesdrop the kerberos tickets of legitimate users of this service, as sshd
will set their environment variable KRB5CCNAME to 'none' when they log in.
As a result, kerberos tickets will be stored in the current working directory
of the user, as 'none'.

In certain cases, this may allow a possible hacker to obtain the tickets.


Solution :

Upgrade to the newest version of SSH.

Threat Level:

Low / CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.