This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote SSH service is susceptible to a remote denial of service
According to its banner, a version of OpenSSH earlier than version 6.2
is listening on this port. The default configuration of OpenSSH
installs before 6.2 could allow a remote attacker to bypass the
LoginGraceTime and MaxStartups thresholds by periodically making a large
number of new TCP connections and thereby prevent legitimate users from
gaining access to the service.
Note that this plugin has not tried to exploit the issue or detect
whether the remote service uses a vulnerable configuration. Instead, it
has simply checked the version of OpenSSH running on the remote host.
See also :
Upgrade to OpenSSH 6.2 and review the associated server configuration
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false