Home page logo
/

bugtraq logo Bugtraq mailing list archives

vulnerability diagnosis in "nessus" incorrect...
From: Bruce Campbell <bruce () engmail uwaterloo ca>
Date: Sun, 4 Nov 2001 16:20:44 -0500 (EST)


concerning remote root exploit vulnerability in ssh prior to 1.2.32...

vulnerability diagnosis in "nessus" incorrect leading to possible false
sense of security.

As you know, ssh prior to 1.2.32 is vulnerable to remote
root exploit.  The diagnostic from security vulnerability
detector tool www.nessus.org incorrectly identifies the
risk as a command insertion vulnerability.  The difference in
risk is huge, and I believe the false diagnostic from nessus
could give users a false sense of security.


http://cgi.nessus.org/plugins/dump.php3?id=10607

says...

You are running a version of SSH which is older than version 1.2.32, or a
version of OpenSSH which is older than 2.3.0.

This version is vulnerable to a flaw which allows an attacker to insert
arbitrary commands in a ssh stream.

Solution : Upgrade to version 1.2.32 of SSH which solves this problem, or
to version 2.3.0 of OpenSSH

http://www.core-sdi.com/advisories/ssh1_deattack.htm

Risk factor : High



------------------------------------------------------------------------
Bruce Campbell
Engineering Computing
University of Waterloo
http://www.eng.uwaterloo.ca/~bruce/
519-888-4567 ext. 5889
PGP Key: http://www.eng.uwaterloo.ca/~bruce/public.txt





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]