Cerberus FTP Server < 5.0.4.0 SSH DES Cipher Weakness

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The FTP server installed on the remote Windows host supports a weak
encryption algorithm.

Description :

The version of Cerberus FTP server on the remote host is earlier than
5.0.4.0. Such versions reportedly support the DES cipher for SSH
sessions. This can create more favorable conditions for brute-force
attacks on the encrypted network traffic.

See also :

http://www.cerberusftp.com/products/releasenotes.html

Solution :

Upgrade to Cerberus FTP server 5.0.4.0 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

Family: FTP

Nessus Plugin ID: 63558 ()

Bugtraq ID:

CVE ID: CVE-2012-5301