Synopsis
The remote host has an application that is affected by a local privilege escalation vulnerability.
Description
According to its banner, the remote host appears to be running a version of OpenSSH older than 2.1.1. Such versions are reportedly affected by a local privilege escalation vulnerability.
If the UseLogin option is enabled, then sshd does not switch to the uid of the user logging in. Instead, sshd relies on login(1) to do the job. However, if the user specifies a command for remote execution, login(1) cannot be used and sshd fails to set the correct user id, so the command is run with the same privilege as sshd (usually root privileges).
Solution
Upgrade to OpenSSH 2.1.1, or make sure that the UseLogin option is set to no in sshd_config.
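The two conditions above (a banner older than 2.1.1 and UseLogin enabled) can be checked together on a host. The script below is an added example, not the plugin's own code; the function names, the result strings and the sample banner and config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the plugin's code): audit the two conditions described above.

# Print the effective UseLogin value from an sshd_config file. Keywords are
# case-insensitive, the first occurrence wins, and the default is "no".
uselogin_value() {
    awk '
        /^[ \t]*#/ { next }                     # comment line
        {
            line = $0; sub(/^[ \t]+/, "", line)
            n = split(line, f, /[ \t=]+/)       # "Key value" or "Key=value"
            if (n >= 2 && tolower(f[1]) == "uselogin") {
                print tolower(f[2]); found = 1; exit
            }
        }
        END { if (!found) print "no" }
    ' "$1"
}

# Exit status: 0 = older than 2.1.1, 1 = 2.1.1 or newer, 2 = not an OpenSSH banner.
banner_is_older_than_2_1_1() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^SSH-[0-9.]*-OpenSSH_\([0-9][0-9.]*\).*/\1/p')
    [ -n "$ver" ] || return 2
    printf '%s\n' "$ver" | awk -F. '{ exit ($1 * 10000 + $2 * 100 + $3 >= 20101) }'
}

# A host is affected only when both hold: old version AND UseLogin enabled.
# Assumption: "true" is treated like "yes" to stay on the conservative side.
assess() {   # usage: assess "<ssh banner>" <path to sshd_config>
    rc=0; banner_is_older_than_2_1_1 "$1" || rc=$?
    case "$rc:$(uselogin_value "$2")" in
        2:*)          echo "UNKNOWN" ;;     # banner is not OpenSSH
        0:yes|0:true) echo "AFFECTED" ;;    # upgrade, or set UseLogin no
        *)            echo "OK" ;;
    esac
}

# Constructed sample input (not taken from a real host).
cfg=$(mktemp)
printf '%s\n' '# constructed sample' 'Port 22' 'useLogin  yes' 'UseLogin no' > "$cfg"
assess 'SSH-1.99-OpenSSH_2.1.0' "$cfg"
rm -f "$cfg"
```

Because the version comes from the banner, a patched build that still reports an old version string shows up as AFFECTED when UseLogin is on; confirm against the installed package in that case.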
Plugin Details
File Name: openssh_uselogin.nasl
Supported Sensors: Nessus
Risk Information
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:openbsd:openssh
Required KB Items: installed_sw/OpenSSH
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 10/6/2000