OpenSSH < 5.9 Multiple DoS

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.

Synopsis :

The SSH server on the remote host has multiple denial of service

Description :

According to its banner, the version of OpenSSH running on the remote
host is prior to version 5.9. Such versions are affected by multiple
denial of service vulnerabilities :

- A denial of service vulnerability exists in the
'ssh_gssapi_parse_ename' function in gss-serv.c. If
gssapi-with-mic is enabled, a remote attacker may be able
to trigger it via a large value in a certain length
field, creating a denial of service condition.

- On FreeBSD, NetBSD, OpenBSD, and other products, a
remote, authenticated attacker could exploit the
remote_glob() and process_put() functions to cause a
denial of service (CPU and memory consumption).
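
A defender-side version of the check described above, as an added example that is not Tenable's plugin code: it parses an SSH identification banner, flags OpenSSH releases before 5.9, and reads an sshd_config text to see whether the gssapi-with-mic precondition (the GSSAPIAuthentication directive, off by default) is met. The function names and the sample inputs in the comments are constructed for illustration.

```python
import re

# Software part of an SSH identification string, e.g.
# "SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1" (constructed sample).
BANNER_RE = re.compile(r"^SSH-[\d.]+-OpenSSH[_-](\d+)\.(\d+)(?:\.(\d+))?")
FIXED = (5, 9, 0)  # the page's solution: OpenSSH 5.9 or later


def openssh_version(banner):
    """Return (major, minor, patch) from a banner, or None if not OpenSSH."""
    m = BANNER_RE.match(banner.strip())
    return tuple(int(g or 0) for g in m.groups()) if m else None


def gssapi_enabled(sshd_config_text):
    """True if GSSAPIAuthentication is 'yes' globally or in any Match block.

    In the global section sshd uses the first value it reads for a keyword,
    so later duplicates are ignored; a Match block can override per user/host.
    """
    in_match = global_seen = False
    for raw in sshd_config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        val = parts[1].strip().strip('"').lower() if len(parts) > 1 else ""
        if key == "match":
            in_match = True
        elif key == "gssapiauthentication" and (in_match or not global_seen):
            global_seen = global_seen or not in_match
            if val == "yes":
                return True
    return False


def assess(banner, sshd_config_text=None):
    """Return (version_flagged, gssapi_precondition).

    version_flagged is None for a non-OpenSSH banner; gssapi_precondition is
    None when no config was supplied. A banner alone cannot show patches
    backported by a distribution, so a flagged version is a lead to verify.
    """
    ver = openssh_version(banner)
    flagged = None if ver is None else ver < FIXED
    gss = None if sshd_config_text is None else gssapi_enabled(sshd_config_text)
    return flagged, gss
```
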

Solution :

Upgrade to OpenSSH 5.9 or later.

Risk factor :

Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 17703

Bugtraq ID: 54114

CVE ID: CVE-2010-4755