F5 Networks BIG-IP : OpenSSH vulnerability (K14741)
Medium Nessus Plugin ID 84450
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections. (CVE-2010-5107)
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K14741.