| VID |
14206 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
SSH |
| Detailed Description |
According to its banner, a version of OpenSSH earlier than version 7.3 is listening on this port. OpenSSH is an open source client and server implementation of the Secure Shell (SSH) protocol. OpenSSH prior to 7.3 is, affected by multiple vulnerabilities :
- A flaw exists that is due to the program returning shorter response times for authentication requests with overly long passwords for invalid users than for valid users. This may allow a remote attacker to conduct a timing attack and enumerate valid usernames. (CVE-2016-6210)
- A denial of service vulnerability exists in the auth_password() function in auth-passwd.c due to a failure to limit password lengths for password authentication. An unauthenticated, remote attacker can exploit this, via a long string, to consume excessive CPU resources, resulting in a denial of service condition. (CVE-2016-6515)
* Note: This check solely relied on the banner of the remote SSH server to assess this vulnerability, so this might be a false positive.
* References:
http://www.openssh.com/txt/release-7.3
* Platforms Affected:
OpenSSH version before 7.3
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of OpenSSH (7.3 or later), available from the OpenSSH Web site at http://www.openssh.org/ |
| Related URL |
CVE-2016-6210,CVE-2016-6515 (CVE) |
| Related URL |
92212 (SecurityFocus) |
| Related URL |
(ISS) |
|
