Family: Gain root remotely --> Category: infos
SSH1 CRC-32 compensation attack Vulnerability Scan
Vulnerability Scan Summary
Checks for the remote SSH version
Detailed Explanation for this Vulnerability Test
It is possible to execute arbitrary code on the remote host.
The remote host is running a version of SSH which is older than version 1.2.32,
or a version of OpenSSH which is older than 2.3.0.
The remote version of this software is vulnerable to a flaw known as a 'CRC-32
compensation attack' which may allow a possible hacker to gain a root shell on this
Upgrade to version 1.2.32 of SSH which solves this problem,
or to version 2.3.0 of OpenSSH
Critical / CVSS Base Score : 10
Click HERE for more information and discussions on this network vulnerability scan.