SSH Weak Algorithms Supported

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote SSH server is configured to allow weak encryption
algorithms or no algorithm at all.

Description :

Nessus has detected that the remote SSH server is configured to use
the Arcfour stream cipher or no cipher at all. RFC 4253 advises
against using Arcfour due to an issue with weak keys.

See also :

https://tools.ietf.org/html/rfc4253#section-6.3

Solution :

Contact the vendor or consult product documentation to remove the weak
ciphers.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

Family: Misc.

Nessus Plugin ID: 90317 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now