OpenSSH < 2.1.0 /dev/random Check Failure

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote host is running a version of SSH that may have weak
encryption keys.

Description :

According to its banner, the version of OpenSSH running on the remote
host is less than 2.1.0. On a FreeBSD system running on the Alpha
architecture, versions earlier than that may not use the /dev/random
and /dev/urandom devices to provide a strong source of cryptographic
entropy, which could lead to the generation of keys with weak
cryptographic strength.
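The banner comparison described above can be reproduced over an inventory of collected SSH identification strings. The following is an added example, not the plugin's own code; the host names, sample banners and function names are constructed for illustration. A match only marks a host for review, since the banner does not reveal whether it is FreeBSD on Alpha.

```python
import re

# SSH identification string: SSH-protoversion-softwareversion [SP comments]
# Early releases announced "OpenSSH-1.2.3"; later ones use "OpenSSH_x.y".
BANNER_RE = re.compile(r"^SSH-\d+\.\d+-OpenSSH[_-](\d+(?:\.\d+)*)")
FIXED = (2, 1, 0)  # first OpenSSH version the advisory lists as not affected


def openssh_version(banner):
    """Return the OpenSSH version as a tuple of ints, or None if not OpenSSH."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    # Pad short versions so that "7.4" compares as 7.4.0.
    return parts + (0,) * (3 - len(parts))


def needs_review(banner):
    """True when the banner reports OpenSSH older than 2.1.0."""
    ver = openssh_version(banner)
    return ver is not None and ver < FIXED


def audit(inventory):
    """Return the hosts whose banner reports OpenSSH older than 2.1.0."""
    return sorted(h for h, b in inventory.items() if needs_review(b))


# Constructed sample inventory (host -> banner as collected by a scan).
SAMPLE = {
    "host-a.example": "SSH-1.5-OpenSSH-1.2.3",
    "host-b.example": "SSH-1.99-OpenSSH_2.1.0",
    "host-c.example": "SSH-2.0-OpenSSH_7.4p1 Debian-10",
    "host-d.example": "SSH-2.0-dropbear_2019.78",
}

if __name__ == "__main__":
    for host in audit(SAMPLE):
        print(host, "reports OpenSSH < 2.1.0; check platform and regenerate keys")
```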

See also :

http://cvs.openssl.org/fileview?f=openssl/CHANGES&v=1.514
http://www.nessus.org/u?16bc8320
http://www.nessus.org/u?947aedf5

Solution :

Upgrade OpenSSH to version 2.1.0 or higher / OpenSSL to version 0.9.5a
or higher and re-generate encryption keys.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 5.8
(CVSS2#E:H/RL:U/RC:ND)

Family: Misc.

Nessus Plugin ID: 17700

Bugtraq ID: 1340

CVE ID: CVE-2000-0535
