This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
An SSH server running on the remote host has an authentication bypass
The version of Tectia SSH Server running on the remote host has an
authentication bypass vulnerability. A remote, unauthenticated attacker
can bypass authentication by sending a specially crafted request,
allowing the attacker to authenticate as root.
The software is only vulnerable when running on Unix or Unix-like
See also :
Disable password authentication in the ssh-server-config.xml
configuration file (this file needs to be created if it does not already
exist). Refer to the vendor's advisory for more information.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 63156 ()
Bugtraq ID: 56783
CVE ID: CVE-2012-5975
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.