TANDBERG Video Communication Server Static SSH Host Keys

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote SSH service uses a static host key.

Description :

The remote device appears to be a TANDBERG Video Communication Server
(VCS), an appliance supporting interoperation of video conferencing
and unified communications devices.

The fingerprint for the SSH service running on this device matches
that of the host key distributed with some versions of the VCS
firmware.

Because this key ships with the firmware rather than being unique to
the device, a remote attacker may be able to impersonate the device or
conduct man-in-the-middle attacks and gain shell access to the
affected device.
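
The fingerprint match described above can be run across an inventory of collected SSH host keys. The Python below is an added example, not Tenable's plugin code: the hostnames, key material and KNOWN_STATIC set are constructed placeholders (the firmware key's fingerprint is not given on this page), and it goes beyond the single known key by also flagging any key presented by more than one host.

```python
import base64
import hashlib
from collections import defaultdict


def fingerprints(pubkey_line):
    """Return (MD5 colon-hex, SHA256 base64) fingerprints of an OpenSSH public key line."""
    blob = base64.b64decode(pubkey_line.split()[1], validate=True)
    md5_hex = hashlib.md5(blob).hexdigest()
    md5_fp = ":".join(md5_hex[i:i + 2] for i in range(0, 32, 2))
    sha_fp = "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return md5_fp, sha_fp


def audit(scan, known_static):
    """Map each suspicious MD5 fingerprint to (reason, sorted hosts)."""
    hosts_by_fp = defaultdict(set)
    for host, line in scan:
        hosts_by_fp[fingerprints(line)[0]].add(host)
    findings = {}
    for fp, hosts in hosts_by_fp.items():
        if fp in known_static:        # matches a key shipped in firmware
            findings[fp] = ("known-static", sorted(hosts))
        elif len(hosts) > 1:          # same key on several hosts: never regenerated
            findings[fp] = ("shared", sorted(hosts))
    return findings


def _line(key_type, body):
    # Builds a constructed (not real) public key line in OpenSSH format.
    blob = len(key_type).to_bytes(4, "big") + key_type.encode() + body
    return f"{key_type} {base64.b64encode(blob).decode()}"


# Constructed sample data: hostnames and key material are made up.
FIRMWARE_KEY = _line("ssh-dss", b"constructed-firmware-key")
SCAN = [
    ("vcs-a.example", FIRMWARE_KEY),
    ("vcs-b.example", _line("ssh-rsa", b"constructed-unique-key")),
    ("cam-1.example", _line("ssh-rsa", b"constructed-cloned-key")),
    ("cam-2.example", _line("ssh-rsa", b"constructed-cloned-key")),
]
# Placeholder: in practice, fill this from the vendor advisory, not from the scan.
KNOWN_STATIC = {fingerprints(FIRMWARE_KEY)[0]}

if __name__ == "__main__":
    for fp, (reason, hosts) in audit(SCAN, KNOWN_STATIC).items():
        print(reason, fp, hosts)
```

Hosts reported as "known-static" or "shared" are the ones whose host key should be regenerated.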

See also :

http://www.vsecurity.com/resources/advisory/20100409-2/
http://www.securityfocus.com/archive/1/510654

Solution :

Generate a new SSH host key and use it in place of the current one.
Then upgrade to VCS firmware version 5.1.1 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 45545

Bugtraq ID: 39389

CVE ID: CVE-2009-4510