SSH ssh-keygen with Secure-RPC SUN-DES-1 Phrase Recovery

This script is Copyright (C) 2003-2011 Xue Yong Zhi

Synopsis :

The remote SSH server might allow a local user to recover a SUN-DES-1

Description :

The remote host is running a version of SSH Communications Security
SSH comprised between versions 1.2.27 and 1.2.30.

With Secure-RPC, this version can allow local attackers to recover a
SUN-DES-1 magic phrase generated by another user, which the attacker
can use to decrypt that user's private key file.

Solution :

Download and install the newest version of this software.

Risk factor :

Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.1
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 11340 ()

Bugtraq ID: 2222

CVE ID: CVE-2001-0259