OpenSSH Legacy Certificate Signing Information Disclosure

This script is Copyright (C) 2011 Tenable Network Security, Inc.


Synopsis :

Remote attackers may be able to access sensitive information.

Description :

According to the banner, OpenSSH 5.6 or 5.7 is running on the remote
host. These versions contain an information disclosure vulnerability.
This vulnerability may cause the contents of the stack to be copied
into an SSH certificate, which is visible to a remote attacker. This
information may lead to further attacks.

See also :

http://www.openssh.com/txt/legacy-cert.adv
http://www.openssh.com/txt/release-5.8

Solution :

Upgrade to OpenSSH 5.8 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.2
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 51920 ()

Bugtraq ID: 46155

CVE ID: CVE-2011-0539