OpenSSH 6.2 and 6.3 AES-GCM Cipher Memory Corruption

Severity: Medium. Nessus Plugin ID: 70895

Synopsis

The SSH server on the remote host is affected by a memory corruption vulnerability.

Description

According to its banner, the version of OpenSSH running on the remote host is 6.2 or 6.3. It is therefore affected by a post-authentication memory corruption vulnerability that is triggered when an AES-GCM cipher is selected during key exchange. Exploitation of this vulnerability could lead to arbitrary code execution.

Note that installations are only vulnerable if built against an OpenSSL library that supports AES-GCM.

Solution

Upgrade to OpenSSH 6.4 or refer to the vendor for a patch or workaround.

See Also

http://www.openssh.com/txt/gcmrekey.adv

http://www.openssh.com/txt/release-6.4

Plugin Details

Severity: Medium

ID: 70895

File Name: openssh_gcm.nasl

Version: 1.5

Type: remote

Family: Misc.

Published: 11/13/2013

Updated: 3/27/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Medium

Base Score: 6

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2013-4548

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Required KB Items: installed_sw/OpenSSH

Exploit Ease: No known exploits are available

Patch Publication Date: 11/7/2013

Vulnerability Publication Date: 11/7/2013

Reference Information

CVE: CVE-2013-4548

BID: 63605