SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
Critical Nessus Plugin ID 55992
SynopsisThe SSH service running on the remote host has an information disclosure vulnerability.
DescriptionThe version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could exploit this to gain access to sensitive information.
Note that this version of SunSSH is also prone to several additional issues but Nessus did not test for them.
SolutionUpgrade to SunSSH 1.1.1 / 1.3 or later