| VID | 14161 |
| Severity | 40 |
| Port | 22 |
| Protocol | TCP |
| Class | SSH |
| Detailed Description |
The version of OpenSSH installed on the remote host is prior to 9.9p2. It is, therefore, affected by a vulnerability as referenced in the release-9.9p2 advisory.
- sshd(8) in OpenSSH versions 9.5p1 to 9.9p1 (inclusive) is vulnerable to a memory/CPU denial-of-service related to the handling of SSH2_MSG_PING packets. This condition may be mitigated using the existing PerSourcePenalties feature. (CVE-2025-26466)
* References: https://www.openssh.com/txt/release-9.9p2
* Platforms Affected: OpenSSH prior to 9.9p2; Linux: any version; Unix: any version |
| Recommendation | Upgrade to the latest version of OpenSSH (9.9p2 or later), available from the OpenSSH Web site at https://www.openssh.org/ |
| Related URL | CVE-2025-26466 (CVE) |
|