This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Debian host is missing a security-related update.
- Versions of OpenSSH prior to 2.3.0 are vulnerable to a
remote arbitrary memory overwrite attack which may lead
to a root exploit.
- CORE-SDI has described a problem with regards to RSA key
exchange and a Bleichenbacher attack to gather the
session key from an ssh session.
Both of these issues have been corrected in our ssh package 1.2.3-9.2.
We recommend you upgrade your openssh package immediately.
See also :
Upgrade the affected ssh package.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false
Family: Debian Local Security Checks
Nessus Plugin ID: 14864 (debian_DSA-027.nasl)
Bugtraq ID: 2344
CVE ID: CVE-2001-0144CVE-2001-0361
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.