OpenSSH 7.x < 7.1 PermitRootLogin Security Bypass

Low Nessus Plugin ID 85690


The SSH server running on the remote host is affected by a security bypass vulnerability.


According to its banner, the version of OpenSSH running on the remote host is 7.x prior to 7.1 (in practice, 7.0). It is, therefore, affected by a security bypass vulnerability due to a logic error in the handling of PermitRootLogin when it is set to 'prohibit-password' or its older alias 'without-password'. Depending on compile-time configuration, the error causes sshd to permit password authentication to root while preventing other forms of authentication, the opposite of what the setting is meant to enforce. A remote attacker who knows or can guess root's password could then log in as root over SSH. Because the flaw depends on how sshd was built, a banner check cannot confirm it; this plugin therefore only reports when Paranoid reporting is enabled (see Required KB Items below).


Upgrade to OpenSSH 7.1 or later.
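As an added example (not code from the Nessus plugin or from OpenSSH), the following Python shows the two checks a practitioner would combine when triaging this finding: banner-based version detection of the kind the plugin performs, and a parse of sshd_config for the two PermitRootLogin values the description names. The banners and the sshd_config fragment are constructed for the example; the default of 'prohibit-password' used when the keyword is absent is the default OpenSSH 7.0 introduced, so a 7.0 host with no explicit setting is also in the affected configuration.

```python
import re

# Constructed sample SSH identification strings (not captured from real hosts).
SAMPLE_BANNERS = [
    "SSH-2.0-OpenSSH_7.0",
    "SSH-2.0-OpenSSH_7.0p1 Debian-1",
    "SSH-2.0-OpenSSH_7.1",
    "SSH-2.0-OpenSSH_6.9p1 Ubuntu-2",
    "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1",
    "SSH-2.0-dropbear_2015.67",
]

# Constructed sshd_config fragment. 'without-password' is the older alias of
# 'prohibit-password'; both are values the advisory names as triggering the flaw.
# The second PermitRootLogin line is ignored because sshd keeps the first value
# it sees for a keyword.
SAMPLE_CONFIG = """
# sshd_config (constructed for this example)
Port 22
PermitRootLogin without-password
PermitRootLogin yes
Match User deploy
    PermitRootLogin no
"""

BANNER_RE = re.compile(r"^SSH-\d+\.\d+-OpenSSH_(\d+)\.(\d+)")
AFFECTED_VALUES = {"prohibit-password", "without-password"}
FIXED_IN = (7, 1)


def parse_openssh_version(banner):
    """Return (major, minor) from an SSH identification string, or None if the
    banner is not OpenSSH's. Portable suffixes ('p1') and the distro comment
    after the space are deliberately ignored."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def version_affected(banner):
    """True for OpenSSH 7.x < 7.1 (i.e. 7.0), False for other OpenSSH
    versions, None when the banner is not OpenSSH at all."""
    v = parse_openssh_version(banner)
    if v is None:
        return None
    return v[0] == 7 and v < FIXED_IN


def permit_root_login(config_text, default="prohibit-password"):
    """Effective global PermitRootLogin value from sshd_config text.
    Like sshd, the first occurrence wins; parsing stops at the first Match
    block because values there apply only conditionally. The default
    argument is OpenSSH 7.0's built-in default (from its release notes)."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        tokens = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = tokens[0].lower()
        value = tokens[1] if len(tokens) > 1 else ""
        if keyword == "match":
            break
        if keyword == "permitrootlogin":
            return value.strip().lower()
    return default


def assess(banner, config_text):
    """Combine both checks into a single triage verdict."""
    va = version_affected(banner)
    if va is None:
        return "not-openssh"
    if not va:
        return "version-not-affected"
    if permit_root_login(config_text) in AFFECTED_VALUES:
        return "affected-config"  # 7.0 with a triggering value: upgrade to 7.1+
    return "affected-version-other-setting"


if __name__ == "__main__":
    for b in SAMPLE_BANNERS:
        print(f"{b:45s} version_affected={version_affected(b)}")
    print("PermitRootLogin =", permit_root_login(SAMPLE_CONFIG))
    print("verdict for the 7.0p1 host:", assess(SAMPLE_BANNERS[1], SAMPLE_CONFIG))
```

The banner check reproduces what a remote scanner can see and nothing more: it cannot tell how the binary was compiled, which is why the plugin is gated behind Paranoid reporting. On the host itself, `sshd -T | grep -i permitrootlogin` prints the effective value (including the built-in default when the keyword is absent) and is the authoritative confirmation; the fix in every case is the upgrade to 7.1 or later.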

Plugin Details

Severity: Low

ID: 85690

File Name: openssh_71.nasl

Version: $Revision: 1.3 $

Type: remote

Family: Misc.

Published: 2015/08/28

Modified: 2015/10/22

Dependencies: 10267

Risk Information

Risk Factor: Low


Base Score: 2.6

Temporal Score: 1.9

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Required KB Items: Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/08/21

Vulnerability Publication Date: 2015/08/21

Reference Information

OSVDB: 126641