Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenSSH <= 3.7.1p2 Security Vulnerability
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
OpenSSH is susceptible to a remote denial-of-service vulnerability. This issue is due to a design flaw when servicing timeouts related to the 'LoginGraceTime' server-configuration directive. Specifically, when 'LoginGraceTime' in conjunction with 'MaxStartups' and 'UsePrivilegeSeparation' are configured and enabled in the server, a condition may arise where the server refuses further remote connection attempts.
Insight
Insight
Please see the references for more information on the vulnerabilities.
Affected Software
Affected Software
OpenSSH version 3.7.1p2 and prior.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 3.8 or later.