OpenSSH 2.3.1 SSHv2 Public Key Authentication Bypass

high Nessus Plugin ID 10608

Synopsis

The remote host has an application that is affected by a authentication bypass vulnerability.

Description

According to its banner, the remote host is running OpenSSH 2.3.1.

This version is vulnerable to a flaw that allows any attacker who can obtain the public key of a valid SSH user to log into this host without any authentication.

Solution

Upgrade to OpenSSH 2.3.2.

See Also

http://www.openbsd.org/advisories/ssh_bypass.txt

Plugin Details

Severity: High

ID: 10608

File Name: openssh_231.nasl

Version: 1.27

Type: remote

Family: Misc.

Published: 2/9/2001

Updated: 3/27/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2/8/2001

Reference Information

CVE: CVE-2001-1585

BID: 2356

CWE: 287