|
|
Family: Gain root remotely --> Category: infos
SSH Multiple Vulns Vulnerability Scan
Vulnerability Scan Summary
SSH Multiple Vulnerabilities 16/12/2002
Detailed Explanation for this Vulnerability Test
Synopsis :
It is possible to execute arbitrary code on the remote host
Description :
According to its banner, the remote SSH server is vulnerable to one or
more of the following vulnerabilities:
- CVE-2002-1357 (incorrect length)
- CVE-2002-1358 (lists with empty elements/empty strings)
- CVE-2002-1359 (large packets and large fields)
- CVE-2002-1360 (string fields with zeros)
Some of these vulnerabilities may allow remote attackers to execute
arbitrary code with the rights of the SSH process, usually root.
Solution :
Upgrade your SSH server to an unaffected version
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
