TANDBERG Video Communication Server Static SSH Host Keys

This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.

Synopsis :

The remote SSH service uses a static host key.

Description :

The remote device appears to be a TANDBERG Video Communication Server
(VCS), an appliance supporting interoperation of video conferencing
and unified communications devices.

The fingerprint for the SSH service running on this device matches
that of the host key distributed with some versions of the VCS

Knowing this, a remote attacker may be able to impersonate or conduct
man-in-the-middle attacks and gain shell access to the affected

See also :


Solution :

Generate a new SSH host key and use it in place of the current one.
Then upgrade to VCS firmware version 5.1.1 or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 45545 ()

Bugtraq ID: 39389

CVE ID: CVE-2009-4510

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now