OpenSSH 2.5.x - 2.9 Multiple Vulnerabilities
High Nessus Plugin ID 10771
SynopsisThe remote version of OpenSSH contains multiple vulnerabilities.
DescriptionAccording to its banner, the remote host appears to be running OpenSSH version between 2.5.x and 2.9. Such versions reportedly contain multiple vulnerabilities :
- sftp-server does not respect the 'command=' argument of keys in the authorized_keys2 file. (CVE-2001-0816)
- sshd does not properly handle the 'from=' argument of keys in the authorized_keys2 file. If a key of one type (e.g. RSA) is followed by a key of another type (e.g. DSA) then the options for the latter will be applied to the former, including 'from=' restrictions. This problem allows users to circumvent the system policy and login from disallowed source IP addresses. (CVE-2001-1380)
SolutionUpgrade to OpenSSH 2.9.9