Cerberus FTP Server < 5.0.4.0 SSH DES Cipher Weakness

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The FTP server installed on the remote Windows host supports a weak
encryption algorithm.

Description :

The version of Cerberus FTP server on the remote host is earlier than
5.0.4.0. Such versions reportedly support the DES cipher for SSH
sessions. This can create more favorable conditions for brute-force
attacks on the encrypted network traffic.

See also :

http://www.cerberusftp.com/products/releasenotes.html

Solution :

Upgrade to Cerberus FTP server 5.0.4.0 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

Family: FTP

Nessus Plugin ID: 63558 ()

Bugtraq ID:

CVE ID: CVE-2012-5301

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial