This script is Copyright (C) 2001-2012 Tenable Network Security, Inc.
The remote version of OpenSSH contains multiple vulnerabilities.
According to its banner, the remote host appears to be running
OpenSSH version between 2.5.x and 2.9. Such versions reportedly
contain multiple vulnerabilities :
- sftp-server does not respect the 'command=' argument of
keys in the authorized_keys2 file. (CVE-2001-0816)
- sshd does not properly handle the 'from=' argument of
keys in the authorized_keys2 file. If a key of one type
(e.g. RSA) is followed by a key of another type (e.g.
DSA) then the options for the latter will be applied to
the former, including 'from=' restrictions. This problem
allows users to circumvent the system policy and login
from disallowed source IP addresses. (CVE-2001-1380)
See also :
Upgrade to OpenSSH 2.9.9
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.1
Public Exploit Available : true