Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gain a shell remotely --> Category: infos

SSH Overflow Vulnerability Scan


Vulnerability Scan Summary
Checks for the remote SSH version

Detailed Explanation for this Vulnerability Test

Synopsis :

Arbitrary code might be executed on the remote host

Description :

The remote host is a running a version of the SSH server which is older than
(or as old as) version 1.2.27.

If this version was compiled against the RSAREF library, then it is very
likely to be vulnerable to a buffer overflow which may be exploited by an
attacker to gain root rights on your system.

To acertain if you compiled ssh against the RSAREF library, type
'ssh -V' on the remote host.

Solution :

Use SSH 2.x, or do not compile ssh against the RSAREF library

Threat Level:

High / CVSS Base Score : 8
(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.