Security for everyone

OpenSSH Detection Scanner

You can find OpenSSH client using this tool.

SCAN NOW

Short Info


Level

Low

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

7 sec

Scan only one

Domain, Ipv4

Parent Category

OpenSSH Detection Scanner Detail

Versions of OpenSSH server before 5.7 may be affected by the following vulnerabilities :

  • A security bypass vulnerability because OpenSSH does not properly validate the public parameters in the J-PAKE protocol. This could allow an attacker to authenticate without the shared secret. Note that this issue is only exploitable when OpenSSH is built with J-PAKE support, which is currently experimental and disabled by default. (CVE-2010-4478)
  • The auth_parse options function in auth-options.c in sshd provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages. (CVE-2012-0841)

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture