This script is Copyright (C) 2011 Tenable Network Security, Inc.
The remote SSH server is affected by an information disclosure
According to its banner, the remote host is running a version of
OpenSSH prior to 4.0. Versions of OpenSSH earlier than 4.0 are
affected by an information disclosure vulnerability because the
application stores hostnames, IP addresses, and keys in plaintext in
the 'known_hosts' file. A local attacker, exploiting this flaw, could
gain access to sensitive information that could be used in subsequent
See also :
Upgrade to OpenSSH 4.0 or later.
Risk factor :
Low / CVSS Base Score : 1.2