Red Hat Enterprise Linux OpenSSH ChrootDirectory Local Privilege Escalation
Medium Nessus Plugin ID 17706
SynopsisThe SSH server running on the remote host has a privilege escalation vulnerability.
DescriptionAccording to its banner, the version of OpenSSH running on the remote host may have a privilege escalation vulnerability. OpenSSH on Red Hat Enterprise Linux 5, Fedora 11, and possibly other platforms use an insecure implementation of the 'ChrootDirectory' configuration setting, which could allow privilege escalation. Upstream OpenSSH is not affected.
The fix for this issue does not change the version in the OpenSSH banner, so this may be a false positive.
SolutionApply the appropriate patch listed in Red Hat security advisory RHSA-2009:1470-1.