OpenSSH 5.3 Detection Scanner Detail
OpenSSH 5.3 is vulnerable to username enumeration and DoS vulnerabilities.
Versions of OpenSSH server before 5.7 may be affected by the following vulnerabilities :
- A security bypass vulnerability because OpenSSH does not properly validate the public parameters in the J-PAKE protocol. This could allow an attacker to authenticate without the shared secret. Note that this issue is only exploitable when OpenSSH is built with J-PAKE support, which is currently experimental and disabled by default. (CVE-2010-4478)
- The auth_parse options function in auth-options.c in sshd provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages. (CVE-2012-0841)
Some Advice for Common Problems
Upgrade to OpenSSH version 5.7 or later.