OpenSSH 2.5.x - 2.9 Multiple Vulnerabilities

high Nessus Plugin ID 10771


The remote version of OpenSSH contains multiple vulnerabilities.


According to its banner, the remote host appears to be running OpenSSH version between 2.5.x and 2.9. Such versions reportedly contain multiple vulnerabilities :

- sftp-server does not respect the 'command=' argument of keys in the authorized_keys2 file. (CVE-2001-0816)

- sshd does not properly handle the 'from=' argument of keys in the authorized_keys2 file. If a key of one type (e.g. RSA) is followed by a key of another type (e.g. DSA) then the options for the latter will be applied to the former, including 'from=' restrictions. This problem allows users to circumvent the system policy and login from disallowed source IP addresses. (CVE-2001-1380)


Upgrade to OpenSSH 2.9.9

See Also

Plugin Details

Severity: High

ID: 10771

File Name: openssh_adv_option.nasl

Version: 1.31

Type: remote

Family: Misc.

Published: 9/28/2001

Updated: 3/27/2024

Supported Sensors: Nessus

Risk Information


Risk Factor: Medium

Score: 5.3


Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Required KB Items: installed_sw/OpenSSH

Exploit Ease: No known exploits are available

Patch Publication Date: 9/26/2001

Vulnerability Publication Date: 9/26/2001

Reference Information

CVE: CVE-2001-0816, CVE-2001-1380

BID: 3345, 3369

CERT: 905795