SSH < 1.2.25 CBC/CFB Data Stream Injection

medium Nessus Network Monitor Plugin ID 1978

Synopsis

The remote host is vulnerable to a flaw that allows attackers to execute arbitrary commands.

Description

The remote host is running a version of SSH that is 1.2.23 or older. This version is vulnerable to a known-plaintext attack that may allow an attacker to insert encrypted packets into the client-server stream. The server deciphers these packets, which allows the attacker to execute arbitrary commands on the remote server.

Solution

Upgrade to SSH-1.2.25 or higher.

See Also

http://www.core-sdi.com/english/ssh

Plugin Details

Severity: Medium

ID: 1978

Family: SSH

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 10268

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5.1

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 5.4

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ssh:secure_shell

Reference Information

CVE: CVE-1999-1085