SSH1 SSH Daemon Logging Failure

This script is Copyright (C) 2003-2016 Xue Yong Zhi


Synopsis :

The remote SSH server does not properly log repeated logins attempts.

Description :

The remote host is running SSH Communications Security SSH 1.2.30 or
older.

The remote version of this software does not log repeated login
attempts, which could allow remote attackers to compromise accounts
without detection via a brute-force attack.

See also :

http://www.nessus.org/u?dc4157ec

Solution :

Upgrade the remote SSH server to the newest version available from
SSH.com

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 11341 ()

Bugtraq ID: 2345

CVE ID: CVE-2001-0471

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now