Ubuntu Security Notice (C) 2013 Canonical, Inc. / NASL script (C) 2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Markus Friedl discovered that OpenSSH incorrectly handled memory when
the AES-GCM cipher was used. A remote authenticated attacker could use
this issue to execute arbitrary code as their user, possibly bypassing
shell or command restrictions.
Update the affected openssh-server package.
Risk factor :
Medium / CVSS Base Score : 6.0
CVSS Temporal Score : 5.2
Public Exploit Available : false