OpenSSH < 4.0 known_hosts Plaintext Host Information Disclosure

Low Nessus Plugin ID 44075


The remote SSH server is affected by an information disclosure vulnerability.


According to its banner, the remote host is running a version of OpenSSH prior to 4.0. Versions of OpenSSH earlier than 4.0 are affected by an information disclosure vulnerability because the application stores hostnames, IP addresses, and keys in plaintext in the 'known_hosts' file. A local attacker, exploiting this flaw, could gain access to sensitive information that could be used in subsequent attacks.


Upgrade to OpenSSH 4.0 or later.

See Also

Plugin Details

Severity: Low

ID: 44075

File Name: openssh_40.nasl

Version: $Revision: 1.6 $

Type: remote

Family: Misc.

Published: 2011/10/04

Modified: 2016/12/07

Dependencies: 10267

Risk Information

Risk Factor: Low


Base Score: 1.2

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Patch Publication Date: 2005/03/09

Vulnerability Publication Date: 2005/08/23

Reference Information

CVE: CVE-2005-2666, CVE-2007-4654, CVE-2004-2760

OSVDB: 39165, 45873, 49386

CWE: 16, 255, 399