This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote SSH service is susceptible to a remote denial of service
According to its banner, a version of OpenSSH earlier than version 6.2
is listening on this port. The default configuration of OpenSSH
installs before 6.2 could allow a remote attacker to bypass the
LoginGraceTime and MaxStartups thresholds by periodically making a large
number of new TCP connections and thereby prevent legitimate users from
gaining access to the service.
Note that this plugin has not tried to exploit the issue or detect
whether the remote service uses a vulnerable configuration. Instead, it
has simply checked the version of OpenSSH running on the remote host.
See also :
Upgrade to OpenSSH 6.2 and review the associated server configuration
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false
Family: Denial of Service
Nessus Plugin ID: 67140 ()
Bugtraq ID: 58162
CVE ID: CVE-2010-5107
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.