OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
High Nessus Plugin ID 10954
Synopsis
Arbitrary code may be run on the remote host.

Description
You are running a version of OpenSSH older than OpenSSH 3.2.1.
A buffer overflow exists in the daemon if AFS is enabled on your system, or if the options KerberosTgtPassing or AFSTokenPassing are enabled. Even in this scenario, the vulnerability may be avoided by enabling UsePrivilegeSeparation.
Versions prior to 2.9.9 are vulnerable to a remote root exploit. Versions prior to 3.2.1 are vulnerable to a local root exploit.

Solution
Upgrade to version 3.2.1 or later.
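
The conditions in the description can be checked against a host's version banner and sshd_config. The following is an added example, not part of the Nessus plugin or OpenSSH: the function names, the afs_enabled parameter and the sample inputs are constructed for illustration, and options that are absent from the file are reported as "not explicitly enabled" because their defaults depend on the build.

```python
import re

FIXED = (3, 2, 1)         # page: upgrade to 3.2.1 or later
REMOTE_BELOW = (2, 9, 9)  # page: versions prior to 2.9.9 allow remote root
RISKY = ("kerberostgtpassing", "afstokenpassing")

def parse_version(banner):
    """Extract (major, minor, patch) from a string such as 'OpenSSH_3.1p1'."""
    m = re.search(r"OpenSSH[_ ](\d+)\.(\d+)(?:\.(\d+))?", banner)
    if not m:
        raise ValueError("no OpenSSH version in %r" % banner)
    return tuple(int(g or 0) for g in m.groups())

def parse_sshd_config(text):
    """Return {keyword: value}. Keywords are case-insensitive, first value wins."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        tokens = line.replace("=", " ").split()
        if len(tokens) >= 2:
            opts.setdefault(tokens[0].lower(), tokens[1].lower())
    return opts

def assess(banner, config_text, afs_enabled=False):
    """Classify a host against the conditions in the plugin description."""
    version = parse_version(banner)
    if version >= FIXED:
        return {"status": "not affected", "reasons": []}
    opts = parse_sshd_config(config_text)
    reasons = [k for k in RISKY if opts.get(k) == "yes"]
    if afs_enabled:  # assumption: caller knows whether AFS is enabled on the system
        reasons.append("afs enabled")
    if not reasons:
        status = "upgrade needed; risky options not explicitly enabled"
    elif opts.get("useprivilegeseparation") == "yes":
        status = "mitigated by UsePrivilegeSeparation; upgrade needed"
    else:
        status = "remote root" if version < REMOTE_BELOW else "local root"
    return {"status": status, "reasons": reasons}

# Constructed sample input, not taken from a real host.
SAMPLE_CONFIG = "# sample\nPort 22\nKerberosTgtPassing yes\nAFSTokenPassing no\n"

if __name__ == "__main__":
    print(assess("SSH-1.99-OpenSSH_3.1p1", SAMPLE_CONFIG))
```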