| VID |
14025 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
Ssh |
| Detailed Description |
The SSH on the server is version 2.3.1.
This version is vulnerable to a flaw which allows any attack who can obtain the public key of a valid SSH user to log into this host without any authentication. |
| Recommendation |
Downgrade to OpenSSH 2.3.0 or upgrade to OpenSSH 2.3.2 |
| Related URL |
CVE-2001-1585 (CVE) |
| Related URL |
2356 (SecurityFocus) |
| Related URL |
6084 (ISS) |
|
