SSH < 1.2.25 CBC/CFB Data Stream Injection

Medium Nessus Network Monitor Plugin ID 1978

Synopsis

The remote host is vulnerable to an flaw that allows attackers to execute arbitrary commands.

Description

The remote host is running a version of SSH which is older than (or as old as) 1.2.23. This version is vulnerable to a known plaintext attack that may allow an attacker to insert encrypted packets in the client - server stream that will be deciphered by the server, thus allowing an attacker to execute arbitrary commands on the remote server.

Solution

Upgrade to SSH-1.2.25 or higher.

See Also

http://www.core-sdi.com/english/ssh

Plugin Details

Severity: Medium

ID: 1978

File Name: 1978.prm

Family: SSH

Published: 2004/08/20

Modified: 2016/01/30

Dependencies: 1967, 3059

Nessus ID: 10268

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.1

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.4

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Reference Information

CVE: CVE-1999-1085