This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Debian host is missing a security-related update.
If the UseLogin feature is enabled in ssh local users could pass
environment variables (including variables like LD_PRELOAD) to the
login process. This has been fixed by not copying the environment if
UseLogin is enabled.
Please note that the default configuration for Debian does not have
See also :
This has been fixed in version 1:1.2.3-9.4.
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 5.3
Public Exploit Available : false