SSH Multiple Remote Vulnerabilities

Medium Nessus Plugin ID 11195

Synopsis

It may be possible to crash the SSH server on the remote host.

Description

According to its banner, the remote SSH server is affected by one or more of the following vulnerabilities :

- CVE-2002-1357 (incorrect length)

- CVE-2002-1358 (lists with empty elements/empty strings)

- CVE-2002-1359 (large packets and large fields)

- CVE-2002-1360 (string fields with zeros)

The impact of successful exploitation of these vulnerabilities varies across products. In some cases, remote attackers will be able to execute arbitrary code with the privileges of the SSH process (usually root), although for the products currently tested, the maximum impact is believed to be just a denial of service.

Solution

Contact the vendor for an update.

See Also

http://www.rapid7.com/advisories/R7-0009.txt

https://seclists.org/vulnwatch/2002/q4/88

Plugin Details

Severity: Medium

ID: 11195

File Name: ssh_multivulns_16122002.nasl

Version: 1.27

Type: remote

Family: Misc.

Published: 2002/12/20

Updated: 2018/11/15

Dependencies: 10267, 11936

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2002/12/16

Exploitable With

Metasploit (PuTTY Buffer Overflow)

Reference Information

CVE: CVE-2002-1357, CVE-2002-1358, CVE-2002-1359, CVE-2002-1360

CERT-CC: CA-2002-36

CWE: 20, 119