OpenSSH < 6.6 AcceptEnv Restriction Bypass

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The SSH server on the remote host has a security bypass vulnerability.

Description :

According to its banner, the version of OpenSSH running on the remote
host is prior to version 6.6. It is, therefore, affected by a security
restriction bypass vulnerability related to wildcards in the 'AcceptEnv'
configuration setting in 'sshd_config'. An attacker can bypass
environment restrictions by using a specially crafted request.
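
To triage a host flagged by this banner check, the following added example (not Tenable's plugin code and not part of the original page) parses the OpenSSH version from the banner and lists the wildcard 'AcceptEnv' patterns in an 'sshd_config'. The function names, result labels and sample inputs are assumptions constructed for illustration.

```python
import re

# Constructed sample inputs (not taken from any real host).
SAMPLE_BANNER = "SSH-2.0-OpenSSH_6.5p1 Debian-6"
SAMPLE_CONFIG = """\
# constructed sshd_config fragment
Port 22
AcceptEnv LANG LC_*
acceptenv=GIT_AUTHOR_NAME
#AcceptEnv DISABLED_*
Match User deploy
    AcceptEnv DEPLOY_?ENV
"""

FIXED = (6, 6)  # the advisory's solution: upgrade to OpenSSH 6.6 or later


def openssh_version(banner):
    """Return (major, minor) from an SSH identification string, or None."""
    m = re.match(r"SSH-[\d.]+-OpenSSH_(\d+)\.(\d+)", banner.strip())
    return (int(m.group(1)), int(m.group(2))) if m else None


def wildcard_acceptenv(config_text):
    """Return (line_no, pattern) for each AcceptEnv pattern containing * or ?."""
    hits = []
    for no, raw in enumerate(config_text.splitlines(), 1):
        # Simplification: treat everything after '#' as a comment.
        line = raw.split("#", 1)[0].strip()
        # Keywords are case-insensitive; 'Keyword value' and 'Keyword=value' both occur.
        m = re.match(r"(?i)acceptenv(?:\s*=\s*|\s+)(.+)", line)
        if not m:
            continue
        for pattern in m.group(1).split():
            if "*" in pattern or "?" in pattern:
                hits.append((no, pattern))
    return hits


def assess(banner, config_text):
    """Classify a host as 'unknown', 'not-affected', 'upgrade' or 'upgrade-priority'."""
    version = openssh_version(banner)
    if version is None:
        return "unknown"          # not an OpenSSH banner
    if version >= FIXED:
        return "not-affected"
    # Old version: wildcard AcceptEnv lines are where the restriction is relied on.
    return "upgrade-priority" if wildcard_acceptenv(config_text) else "upgrade"


if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_CONFIG), wildcard_acceptenv(SAMPLE_CONFIG))
```

Like the plugin itself, this relies on the banner version only, so a vendor package that backports the fix without changing the banner will still be reported as needing an upgrade.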

See also :

http://www.openssh.com/txt/release-6.6

Solution :

Upgrade to OpenSSH 6.6 or later.

Risk factor :

Low / CVSS Base Score : 1.9
(CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 1.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 73079

Bugtraq ID: 66355

CVE ID: CVE-2014-2532