OpenSSH 5.3 Detection Scanner

Stay Up To Date
Asset Type


Need Membership


Asset Verify


API Support


Estimate Time (Second)


OpenSSH 5.3 Detection Scanner Detail

OpenSSH 5.3 is vulnerable to username enumeration and DoS vulnerabilities.

Versions of OpenSSH server before 5.7 may be affected by the following vulnerabilities :

  • A security bypass vulnerability because OpenSSH does not properly validate the public parameters in the J-PAKE protocol. This could allow an attacker to authenticate without the shared secret. Note that this issue is only exploitable when OpenSSH is built with J-PAKE support, which is currently experimental and disabled by default. (CVE-2010-4478)
  • The auth_parse options function in auth-options.c in sshd provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages. (CVE-2012-0841)

Some Advice for Common Problems

Upgrade to OpenSSH version 5.7 or later.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service