Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Portable OpenSSH < 3.7.1p2 Multiple PAM Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote host is portable OpenSSH 3.7p1 or 3.7.1p1. Versions older than 3.7.1p2 are vulnerable to a flaws that handle PAM authentication and may allow an attacker to gain a shell on this host.

Solution

Upgrade to OpenSSH 3.7.1p2 or higher or disable PAM support in sshd_config.