SSH Protocol Version 1 Session Key Retrieval

High Nessus Plugin ID 10882


The remote service offers an insecure cryptographic protocol.


The remote SSH daemon supports connections made using the version 1.33 and/or 1.5 of the SSH protocol.

These protocols are not completely cryptographically safe so they should not be used.


Disable compatibility with version 1 of the protocol.

Plugin Details

Severity: High

ID: 10882

File Name: ssh1_proto_enabled.nasl

Version: $Revision: 1.32 $

Type: remote

Family: General

Published: 2002/03/06

Modified: 2018/02/20

Dependencies: 10881

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2001/02/06

Reference Information

CVE: CVE-2001-0361, CVE-2001-0572, CVE-2001-1473

BID: 2344

OSVDB: 2116, 3561, 18232

CWE: 310