Detections
Analytics

OpenSSH < 3.4 Multiple Remote Overflows

critical Nessus Plugin ID 11031

Language:

Synopsis

The remote host has an application that is affected multiple vulnerabilities.

Description

According to its banner, the remote host appears to be running OpenSSH version 3.4 or older. Such versions are reportedly affected by multiple flaws. An attacker may exploit these vulnerabilities to gain a shell on the remote system.

Note that several distributions patched this hole without changing the version number of OpenSSH. Since Nessus solely relied on the banner of the remote SSH server to perform this check, this might be a false positive.

If you are running a RedHat host, make sure that the command :
 rpm -q openssh-server Returns :
 openssh-server-3.1p1-6

Solution

Upgrade to OpenSSH 3.4 or contact your vendor for a patch.

See Also

http://www.openssh.com/txt/preauth.adv

Plugin Details

Severity: Critical

ID: 11031

File Name: openssh_33.nasl

Version: 1.34

Type: remote

Published: 6/25/2002

Updated: 3/27/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Required KB Items: installed_sw/OpenSSH

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 6/26/2002

Reference Information

CVE: CVE-2002-0639, CVE-2002-0640

BID: 5093