SSH Server Vulnerabilities

by Ron Gula
October 8, 2012

Final

This dashboard was designed to focus on Nessus SSH service related vulnerability and audit data.

  • October 8th 2013, version 2, SecurityCenter 4.7
  • Required Tools: Nessus 5.2.1

A large enterprise can yield a considerable amount of vulnerability data. The SSH dashboard brings focus to audit and vulnerability data purely related to the SSH services that Nessus servers find while performing vulnerability scans. The dashboard consists of 4 components, which leverage the following plugins. These plugins must be enabled during scanning:

  • 10881 SSH Protocol Versions Supported
  • 10882 SSH Protocol Version 1 Session Key Retrieval

Additionally, it is recommended to use the SSH vulnerabilities bar graph component, and to scan with a SecurityCenter Full Safe scan template so that all SSH service related vulnerabilities are reported.

The "SSH Miscellaneous" matrix component currently highlights common versions of SSH protocol support, as reported by plugin 10881. It also highlights whether any port 22 related vulnerabilities reported by a Nessus server have a public exploit available. If the dashboard user’s environment uses a different port for SSH, modify the cell accordingly. Dashboard users may want to add rows to highlight SSH characteristics and properties that are of interest to them in their scan environment. Nessus returns a lot of useful service audit data, and new plugins are developed and released frequently.

The "SSH 1.0 Supported Hosts" table component further refines SSH protocol support, leveraging plugin 10882 to report on SSH servers that support the 1.0 SSH protocol.

The "SSH Vulnerabilities" component provides an overview of vulnerability risk reported on SSH port 22.

If the dashboard user’s environment uses a different port for SSH, modify the component accordingly.

The "SSH Port Detection" component reports on any port where a Nessus server finds an SSH service.
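
To cross-check what the protocol-support and port-detection components show, the following added example (not Tenable or Nessus code, and not how plugins 10881 or 10882 work internally) classifies SSH identification strings per RFC 4253 and flags hosts that advertise SSH-1 or listen off the expected port. The function names, the `expected_port` parameter and the sample records are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample records (host, port, raw banner); not real scan output.
SAMPLE = [
    ("192.0.2.10", 22, b"SSH-2.0-OpenSSH_6.0\r\n"),
    ("192.0.2.11", 22, b"SSH-1.99-OpenSSH_3.9p1\r\n"),
    ("192.0.2.12", 2222, b"Welcome\r\nSSH-1.5-1.2.27\r\n"),
    ("192.0.2.13", 8022, b"SSH-2.0-dropbear_2012.55\r\n"),
    ("192.0.2.14", 22, b"220 mail ESMTP\r\n"),
]

# Identification string: SSH-<protoversion>-<softwareversion>
IDENT = re.compile(rb"^SSH-(\d+)\.(\d+)-(\S+)")


def protocols_from_banner(banner):
    """Return the set of SSH major protocol versions a banner advertises."""
    for line in banner.splitlines():
        m = IDENT.match(line)
        if not m:
            continue  # servers may send other lines before the ident string
        major, minor = int(m.group(1)), int(m.group(2))
        if (major, minor) == (1, 99):
            return {1, 2}  # 1.99: SSH-2 server that also accepts SSH-1 clients
        return {major}
    return set()  # no identification string: not an SSH service


def triage(records, expected_port=22):
    """Group SSH listeners by the two conditions worth reviewing."""
    report = defaultdict(list)
    for host, port, banner in records:
        protos = protocols_from_banner(banner)
        if not protos:
            continue
        if 1 in protos:
            report["ssh1_supported"].append((host, port))
        if port != expected_port:
            report["nonstandard_port"].append((host, port))
    return dict(report)


if __name__ == "__main__":
    for finding, hosts in triage(SAMPLE).items():
        print(finding, hosts)
```

A banner only shows what the server advertises, so treat the output as a cross-check of scan results rather than a replacement for them.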