This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote SSH service is affected by multiple vulnerabilities.
According to its banner, the remote host is running a version of
OpenSSH prior to 4.5. Versions before 4.5 are affected by the
following vulnerabilities :
- A client-side NULL pointer dereference, caused by a
protocol error from a malicious server, which could
cause the client to crash. (CVE-2006-4925)
- A privilege separation vulnerability exists, which could
allow attackers to bypass authentication. The
vulnerability is caused by a design error between
privileged processes and their child processes. Note
that this particular issue is only exploitable when
other vulnerabilities are present. (CVE-2006-5794)
- An attacker that connects to the service before it has
finished creating keys could force the keys to be
recreated. This could result in a denial of service for
any processes that relies on a trust relationship with
the server. Note that this particular issue only affects
the Apple implementation of OpenSSH on Mac OS X.
See also :
Upgrade to OpenSSH 4.5 or later.
For Mac OS X 10.3, apply Security Update 2007-003.
For Mac OS X 10.4, upgrade to 10.4.9.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false
Nessus Plugin ID: 44077 ()
Bugtraq ID: 20956
CVE ID: CVE-2006-4925CVE-2006-5794CVE-2007-0726
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.