How to Buy
This script is Copyright (C) 2002-2012 Tenable Network Security, Inc.
The remote host has an application that is affected multiple
According to its banner, the remote host appears to be
running OpenSSH version 3.4 or older. Such versions are
reportedly affected by multiple flaws. An attacker may
exploit these vulnerabilities to gain a shell on the remote
Note that several distributions patched this hole without
changing the version number of OpenSSH. Since Nessus solely
relied on the banner of the remote SSH server to perform this
check, this might be a false positive.
If you are running a RedHat host, make sure that the command :
rpm -q openssh-server
See also :
Upgrade to OpenSSH 3.4 or contact your vendor for a patch.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 11031 ()
Bugtraq ID: 5093
CVE ID: CVE-2002-0639CVE-2002-0640
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.