OpenSSH < 3.7.1p2 Multiple Remote Vulnerabilities

This script is Copyright (C) 2003-2012 Tenable Network Security, Inc.

Synopsis :

The remote host has an application which may allow an
attacker to login potentially as root without password.

Description :

According to its banner, the remote host appears to be
running OpenSSH 3.7p1 or 3.7.1p1. These versions are
vulnerable to a flaw in the way they handle PAM
authentication when PrivilegeSeparation is disabled.

Successful exploitation of this issue may allow an
attacker to gain a shell on the remote host using a
null password.

Solution :

Upgrade to OpenSSH 3.7.1p2 or disable PAM support in sshd_config

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 11848 ()

Bugtraq ID: 8677

CVE ID: CVE-2003-0786

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now