Detections
Analytics

OpenSSH < 4.9 'ForceCommand' Directive Bypass

medium Nessus Plugin ID 44079

Language:

Synopsis

The remote SSH service is affected by a security bypass vulnerability.

Description

According to its banner, the version of OpenSSH installed on the remote host is earlier than 4.9. It may allow a remote, authenticated user to bypass the 'sshd_config' 'ForceCommand' directive by modifying the '.ssh/rc' session file.

Solution

Upgrade to OpenSSH version 4.9 or later.

See Also

https://www.openssh.com/txt/release-4.9

Plugin Details

Severity: Medium

ID: 44079

File Name: openssh_49.nasl

Version: 1.6

Type: remote

Family: Misc.

Published: 10/4/2011

Updated: 3/27/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Required KB Items: installed_sw/OpenSSH

Exploit Ease: No known exploits are available

Patch Publication Date: 3/30/2008

Vulnerability Publication Date: 3/30/2008

Reference Information

CVE: CVE-2008-1657

BID: 28531

CWE: 264