This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.
The remote SSH service is affected by a denial of service
According to its banner, the remote host is running a version of
OpenSSH earlier than 2.9.9p1. Such versions fail to initiate a
Pluggable Authentication Module (PAM) session if commands are executed
with no pty. A remote, unauthenticated attacker, exploiting this
flaw, could bypass resource limits (rlimits) set in pam.d.
See also :
Upgrade to OpenSSH 2.9.9p1 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.5
Public Exploit Available : true