This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A denial of service flaw was found in the OpenSSH GSSAPI
authentication implementation. A remote, authenticated user could use
this flaw to make the OpenSSH server daemon (sshd) use an excessive
amount of memory, leading to a denial of service. GSSAPI
authentication is enabled by default ('GSSAPIAuthentication yes' in
See also :
Run 'yum update openssh' to update your system.
Risk factor :
Low / CVSS Base Score : 3.5
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 69706 ()
CVE ID: CVE-2011-5000