Detections
Analytics

FreeBSD : FreeBSD -- Multiple vulnerabilities in OpenSSH (a8f1ee74-f267-11ef-87ba-002590c1f29c)

medium Nessus Plugin ID 216705

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a8f1ee74-f267-11ef-87ba-002590c1f29c advisory.

 OpenSSH client host verification error (CVE-2025-26465) ssh(1) contains a logic error that allows an on-path attacker to impersonate any server during certain conditions when the VerifyHostKeyDNS option is enabled.
 OpenSSH server denial of service (CVE-2025-26466) The OpenSSH client and server are both vulnerable to a memory/CPU denial of service while handling SSH2_MSG_PING packets.
 OpenSSH client host verification error (CVE-2025-26465) Under specific circumstances, a machine-in-the-middle may impersonate any server when the client has the VerifyHostKeyDNS option enabled.
 OpenSSH server denial of service (CVE-2025-26466) During the processing of SSH2_MSG_PING packets, a server may be subject to a memory/CPU denial of service.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://nvd.nist.gov/vuln/detail/CVE-2025-26465

https://nvd.nist.gov/vuln/detail/CVE-2025-26466

http://www.nessus.org/u?38a791b6

Plugin Details

Severity: Medium

ID: 216705

File Name: freebsd_pkg_a8f1ee74f26711ef87ba002590c1f29c.nasl

Version: 1.1

Type: local

Published: 2/24/2025

Updated: 2/24/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.3

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N

CVSS Score Source: CVE-2025-26465

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 6.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/24/2025

Vulnerability Publication Date: 2/18/2025

Reference Information

CVE: CVE-2025-26465, CVE-2025-26466