This script is Copyright (C) 2015 Tenable Network Security, Inc.
The SSH server running on the remote host is affected by multiple
According to its banner, the version of OpenSSH running on the remote
host is prior to 6.9. It is, therefore, affected by the following
- A flaw exists within the x11_open_helper() function in
the 'channels.c' file that allows connections to be
permitted after 'ForwardX11Timeout' has expired. A
remote attacker can exploit this to bypass timeout
checks and XSECURITY restrictions. (CVE-2015-5352)
- Various issues were addressed by fixing the weakness in
agent locking by increasing the failure delay, storing
the salted hash of the password, and using a timing-safe
- An out-of-bounds read error exists when handling
incorrect pattern lengths. A remote attacker can exploit
this to cause a denial of service or disclose sensitive
information in the memory.
- An out-of-bounds read error exists when parsing the
'EscapeChar' configuration option.
See also :
Upgrade to OpenSSH 6.9 or later.
Risk factor :
High / CVSS Base Score : 8.5
CVSS Temporal Score : 6.3
Public Exploit Available : false