OpenSSH < 3.7.1 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 701168


The remote SSH server is affected by various memory bugs.


According to its banner, the remote SSH server is running a version of OpenSSH older than 3.7.1. Such versions are vulnerable to a flaw in the buffer management functions that might allow an attacker to execute arbitrary commands on this host.

An exploit for this issue is rumored to exist.

Note that several distributions patched this hole without changing the version number of OpenSSH. Since NNM solely relied on the banner of the remote SSH server to perform this check, this might be a false positive.

If you are running a RedHat host, make sure that the command :

rpm -q openssh-server

returns :

openssh-server-3.1p1-13 (RedHat 7.x) openssh-server-3.4p1-7 (RedHat 8.0) openssh-server-3.5p1-11 (RedHat 9)


Upgrade to OpenSSH version 3.7.1 or later.

See Also

Plugin Details

Severity: Critical

ID: 701168

Family: SSH

Published: 8/21/2019

Updated: 8/21/2019

Nessus ID: 11837

Risk Information


Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C


Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Patch Publication Date: 9/16/2003

Vulnerability Publication Date: 9/16/2003

Reference Information

CVE: CVE-2003-0682, CVE-2003-0693, CVE-2003-0695, CVE-2004-2760