SSH ssh-keygen with Secure-RPC SUN-DES-1 Phrase Recovery

low Nessus Plugin ID 11340

Synopsis

The remote SSH server might allow a local user to recover a SUN-DES-1 passphrase.

Description

The remote host is running a version of SSH Communications Security SSH between 1.2.27 and 1.2.30. With Secure-RPC, these versions can allow a local attacker to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can then use to decrypt that user's private key file.

Solution

Download and install the newest version of this software.

Plugin Details

Severity: Low

ID: 11340

File Name: ssh_keygen.nasl

Version: 1.16

Type: remote

Family: Misc.

Published: 3/10/2003

Updated: 8/22/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.0

CVSS v2

Risk Factor: Low

Base Score: 2.6

Temporal Score: 2

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/16/2001

Reference Information

CVE: CVE-2001-0259

BID: 2222