Family: Gain a shell remotely --> Category: infos
SSH Overflow Vulnerability Scan
Vulnerability Scan Summary :
Checks for the remote SSH version
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code might be executed on the remote host
Description :
The remote host is running a version of the SSH server which is older than
(or as old as) version 1.2.27.
If this version was compiled against the RSAREF library, then it is very
likely to be vulnerable to a buffer overflow which may be exploited by an
attacker to gain root rights on your system.
To ascertain whether you compiled ssh against the RSAREF library, type
'ssh -V' on the remote host.
Solution :
Use SSH 2.x, or do not compile ssh against the RSAREF library
Threat Level:
High / CVSS Base Score : 8
(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)