How to Buy
This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The SSH server on the remote host has multiple denial of service
According to its banner, the version of OpenSSH running on the remote
host is prior to version 5.9. Such versions are affected by multiple
denial of service vulnerabilities :
- A denial of service vulnerability exists in the
gss-serv.c 'ssh_gssapi_parse_ename' function. A remote
attacker may be able to trigger this vulnerability if
gssapi-with-mic is enabled to create a denial of service
condition via a large value in a certain length field.
- On FreeBSD, NetBSD, OpenBSD, and other products, a
remote, authenticated attacker could exploit the
remote_glob() and process_put() functions to cause a
denial of service (CPU and memory consumption).
See also :
Upgrade to OpenSSH 5.9 or later.
Risk factor :
Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : true
Family: Denial of Service
Nessus Plugin ID: 17703 ()
Bugtraq ID: 5411468757
CVE ID: CVE-2010-4755CVE-2011-5000
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.