SSH Tectia Server < 5.0.1 Host Authentication Authorization Bypass
High Nessus Network Monitor Plugin ID 3329
SynopsisIt is possible to bypass the authentication of the remote SSH server.
DescriptionThe remote host is running the Tectia SSH Server. This version of Tectia is older than 5.0.1. Versions older than 5.0.1 are vulnerable to a flaw in which an attacker may bypass the authentication routine. However the SSH server must be configured to use Host-Based authentication only.
SolutionUpgrade to version 5.0.1 or higher.