This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Andreas Schneider reports :
libssh versions 0.5.1 and above have a logical error in the handling
of a SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY package. A detected error
did not set the session into the error state correctly and further
processed the packet which leads to a NULL pointer dereference. This
is the packet after the initial key exchange and doesn't require
This could be used for a Denial of Service (DoS) attack.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 5.0