OpenSSH < 4.4 Multiple GSSAPI Vulnerabilities
High Nessus Network Monitor Plugin ID 3751
Synopsis
The remote host is vulnerable to a Denial of Service (DoS) attack.
Description
The remote host is running a version of OpenSSH that is vulnerable to a flaw in the way that it handles GSSAPI authentication. If the SSH server is configured to utilize GSSAPI authentication then the host may be compromised by a remote attacker with access to the SSH port (typically 22). Successful exploitation would result in a Denial of Service (i.e. loss of availability).
Note: PVS has solely relied on the banner of the SSH client to perform this check. Any backported patches or workarounds such as recompiling or edited configurations are not observable through the banner.
Solution
Upgrade to version 4.4 or higher.
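To triage a finding like this one, the added example below (not the plugin's own logic) compares an SSH identification string against the 4.4 fix and checks whether the global section of an sshd_config enables GSSAPIAuthentication, which a banner cannot show. The function names and sample banners are constructed for illustration, and Match blocks are deliberately ignored.

```python
import re

# SSH identification string: "SSH-<proto>-<software>[ comments]"
BANNER_RE = re.compile(
    r"^SSH-[\d.]+-OpenSSH_(?P<ver>\d+(?:\.\d+)+)(?:p\d+)?(?P<rest>.*)$")
FIXED = (4, 4)  # fixed release named in the Solution

def assess_banner(banner):
    """Return (status, reason) for one SSH identification string."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return ("unknown", "not an OpenSSH banner")
    version = tuple(int(p) for p in m.group("ver").split("."))
    if version >= FIXED:
        return ("not_flagged", "banner reports 4.4 or higher")
    vendor = m.group("rest").strip(" -_")
    if vendor:
        # Distribution builds often keep the old version string after patching.
        return ("flagged_verify",
                f"vendor build '{vendor}' may carry a backported fix")
    return ("flagged", "banner reports a version below 4.4")

def gssapi_enabled(sshd_config_text):
    """True if the global section enables GSSAPIAuthentication.

    sshd uses the first value it reads for a keyword; the default is "no".
    Assumption: Match blocks are not evaluated, parsing stops at the first one.
    """
    for line in sshd_config_text.splitlines():
        parts = line.split("#", 1)[0].replace("=", " ").split()
        if not parts:
            continue
        if parts[0].lower() == "match":
            break
        if parts[0].lower() == "gssapiauthentication" and len(parts) >= 2:
            return parts[1].lower() == "yes"
    return False

if __name__ == "__main__":
    # Constructed sample banners, not captured from any real host.
    for b in ("SSH-2.0-OpenSSH_4.3",
              "SSH-2.0-OpenSSH_4.3p2 Debian-9etch3",
              "SSH-2.0-OpenSSH_4.4"):
        print(b, "->", assess_banner(b))
```

A `flagged_verify` result needs the vendor's package changelog to settle; a `flagged` host that returns `False` from `gssapi_enabled` still needs the upgrade but is not exposed through the GSSAPI path described above.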