|
Family: Gain a shell remotely --> Category: infos
SSH 3.0.0 Vulnerability Scan
Vulnerability Scan Summary Checks for the remote SSH version
Detailed Explanation for this Vulnerability Test
Synopsis :
A possible hacker might be able to use the remote SSH server
to log into the remote host without proper credentials
Description :
The remote host is running SSH 3.0.0. There is a bug in this
release which allows any user to log into accounts whose
password entry is two characters long or less.
A possible hacker might gain root rights using this flaw.
Solution :
Upgrade to version 3.0.1 of SSH which solves this problem.
Threat Level:
Medium / CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|