SSH Server CBC Mode Ciphers Enabled

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The SSH server is configured to use Cipher Block Chaining.

Description :

The SSH server is configured to support Cipher Block Chaining (CBC)
encryption. This may allow an attacker to recover the plaintext message
from the ciphertext.

Note that this plugin only checks for the options of the SSH server and
does not check for vulnerable software versions.

Solution :

Contact the vendor or consult product documentation to disable CBC mode
cipher encryption, and enable CTR or GCM cipher mode encryption.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 2.6
(CVSS2#E:ND/RL:ND/RC:ND)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 70658 ()

Bugtraq ID: 32319

CVE ID: CVE-2008-5161

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial