SSH RSAREF Library Multiple Overflows (deprecated)

High Nessus Network Monitor Plugin ID 1972

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running a version of SSH which is older (or as old as) 1.2.27. If this version was compiled against the RSAREF library (which can not be determined remotely), then it is very likely to be vulnerable to a buffer overflow that may allow an attacker to obtain a root shell on this host. To determine if SSH has been compiled against the RSAREF library, log into the remote host and type 'ssh -V'

Solution

Upgrade to SSH 2.x or do not use the RSAREF library.

See Also

http://archives.neohapsis.com/archives/bugtraq/1999-q4/0169.html

Plugin Details

Severity: High

ID: 1972

File Name: 1972.prm

Family: SSH

Published: 2004/08/20

Modified: 2016/01/22

Dependencies: 1967, 3059

Nessus ID: 10269

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 8.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

CVSSv3

Base Score: 8.1

Temporal Score: 7.9

Vector: CVSS3#AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:U/RC:X

Reference Information

CVE: CVE-1999-0834

BID: 843

OSVDB: 213