OpenSSH 2.3.1 SSHv2 Public Key Authentication Bypass
High Nessus Plugin ID 10608
SynopsisThe remote host has an application that is affected by a authentication bypass vulnerability.
DescriptionAccording to its banner, the remote host is running OpenSSH 2.3.1.
This version is vulnerable to a flaw that allows any attacker who can obtain the public key of a valid SSH user to log into this host without any authentication.
SolutionUpgrade to OpenSSH 2.3.2.