Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SSH < 1.2.28 Kerberos NFS Share Ticket Disclosure

Low

Synopsis

The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.

Description

The remote host is running a version of SSH which is older (or as old as) version 1.2.27. If it was compiled with Kerberos support, an attacker may exploit a bug in the Kerberos implementation and may eavesdrop the ticket cache of the users.

Solution

Use SSH-1.2.28 or higher.