| VID |
14046 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
SSH |
| Detailed Description |
The OpenSSH server, according to its banner, has a GSSAPI multiple vulnerabilities. OpenSSH is an open source client and server implementation of the Secure Shell (SSH) protocol. OpenSSH versions prior to 4.4 are vulnerable to multiple vulnerabilities as follows:
1) A remote attacker can exploit a GSSAPI authentication abort error to determine the validity of usernames on some platforms.
2) A remote attacker can exploit a race condition in an unsafe signal handler to cause denial of service conditions. On portable OpenSSH, a remote attacker may theoretically be able to exploit this flaw to execute arbitrary code if GSSAPI authentication is enabled.
* Note: This check solely relied on the banner of the remote SSH server to assess this vulnerability, so this might be a false positive.
* References:
http://www.openssh.com/txt/release-4.4
http://www.kb.cert.org/vuls/id/851340
http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf
http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf
http://www.securitytracker.com/alerts/2006/Sep/1016939.html
http://www.securitytracker.com/alerts/2006/Sep/1016940.html
http://www.frsirt.com/english/advisories/2006/4018
http://www.frsirt.com/english/advisories/2006/4329
http://secunia.com/advisories/22173
http://www.securityfocus.com/archive/1/archive/1/447861/100/200/threaded
* Platforms Affected:
OpenSSH version 4.3 and earlier versions
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of OpenSSH (4.4 or later), available from the OpenSSH Web site at http://www.openssh.org/ |
| Related URL |
CVE-2006-5051,CVE-2006-5052 (CVE) |
| Related URL |
20241,20245 (SecurityFocus) |
| Related URL |
29254,29255 (ISS) |
|
