How to Buy
This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The SSH server running on the remote host has a privilege escalation
According to its banner, the version of OpenSSH running on the remote
host may have a privilege escalation vulnerability. OpenSSH on Red
Hat Enterprise Linux 5, Fedora 11, and possibly other platforms use an
insecure implementation of the 'ChrootDirectory' configuration
setting, which could allow privilege escalation. Upstream OpenSSH is
The fix for this issue does not change the version in the OpenSSH
banner, so this may be a false positive.
See also :
Apply the appropriate patch listed in Red Hat security advisory
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true
Nessus Plugin ID: 17706 ()
Bugtraq ID: 36552
CVE ID: CVE-2009-2904
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.