Anonymous SFTP Enabled

info Nessus Plugin ID 72664

Synopsis

The remote SSH service supports anonymous SFTP logins.

Description

The remote SSH service supports anonymous SFTP logins. A remote user may connect and authenticate without providing unique credentials.

Solution

Disable anonymous SFTP if it is not required. Routinely check the server to ensure sensitive content is not available.

Plugin Details

Severity: Info

ID: 72664

File Name: sftp_anonymous.nasl

Version: Revision: 1.1

Type: remote

Family: General

Published: 2/24/2014

Updated: 2/24/2014

Supported Sensors: Nessus