SSH < 1.2.28 Kerberos NFS Share Ticket Disclosure
Low Nessus Network Monitor Plugin ID 1977
SynopsisThe remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.
DescriptionThe remote host is running a version of SSH which is older (or as old as) version 1.2.27. If it was compiled with Kerberos support, an attacker may exploit a bug in the Kerberos implementation and may eavesdrop the ticket cache of the users.
SolutionUse SSH-1.2.28 or higher.