
Mailing List Archive: Nessus: plugins

openssh 50.nasl and paranoia

 

 



dennis.jackson at ndirect

Feb 11, 2009, 9:48 AM


I have just run Nessus with the paranoid option against three systems. I
believe all three are instances of Firewall-1 (ports 264/tcp and 500/udp
open).

For the three systems the SSH banners were:
aa.bb.cc.2 SSH-1.99-OpenSSH_3.1p1
xx.yy.zz.249 SSH-1.99-OpenSSH-3.8.1p1
xx.yy.zz.254 SSH-1.99-OpenSSH-3.1p1

Only the middle system (xx.yy.zz.249) was reported vulnerable by
openssh_50.nasl. Yet all three appear to be running a version of SSH that is
older than 5.0.

Looking at backport.inc it appears that the banner OpenSSH-3.1p1 is
converted to OpenSSH_9.9.99. However, the comments in backport.inc seem to
suggest that this conversion to OpenSSH_9.9.99 is only relevant for Red Hat
systems.

Is this correct?

Nessus identified the first and third systems as FreeBSD 4.4 while the
second system was identified as Windows - this was the only system that the
vulnerability was reported against.

From the description of CVE-2008-1483 it seems that the vulnerability
applies to FreeBSD. But, I don't know whether the banner changes on FreeBSD.
_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers
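
The behaviour described in the post, sketched as an added example (this is not Nessus or backport.inc code): once a banner is rewritten to the 9.9.99 sentinel it can never compare as older than 5.0, so a banner-only check raises no finding for it. The `BACKPORT_SUSPECT` table and the function names are assumptions for illustration; the banners are the ones quoted in the post.

```python
import re

# Assumption: versions a scanner treats as possibly vendor-patched (hypothetical table).
BACKPORT_SUSPECT = {"3.1p1"}
SENTINEL = (9, 9, 99)  # the OpenSSH_9.9.99 value quoted in the post
# Accept both "OpenSSH_" and "OpenSSH-" because the post shows both separators.
BANNER_RE = re.compile(r"^SSH-[\d.]+-OpenSSH[_-](\d+(?:\.\d+)*)(p\d+)?")


def parse_banner(banner):
    """Return (numeric version tuple, raw version string), or None if not OpenSSH."""
    m = BANNER_RE.match(banner.strip())
    if m is None:
        return None
    numeric = tuple(int(part) for part in m.group(1).split("."))
    return numeric, m.group(1) + (m.group(2) or "")


def assess(banner, fixed_in=(5, 0)):
    """Classify a banner the way a banner-only 'older than fixed_in' check would."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "not-openssh"
    numeric, raw = parsed
    # Rewrite step: suspect versions are replaced by the sentinel before comparing.
    normalized = SENTINEL if raw in BACKPORT_SUSPECT else numeric
    if normalized < fixed_in:
        return "flagged"
    # Advertised version is old, but the rewrite hid it: verify these hosts by hand.
    return "suppressed-by-rewrite" if numeric < fixed_in else "not-flagged"


# Banners as quoted in the post (addresses are the post's own placeholders).
POST_BANNERS = {
    "aa.bb.cc.2": "SSH-1.99-OpenSSH_3.1p1",
    "xx.yy.zz.249": "SSH-1.99-OpenSSH-3.8.1p1",
    "xx.yy.zz.254": "SSH-1.99-OpenSSH-3.1p1",
}

if __name__ == "__main__":
    for host, banner in POST_BANNERS.items():
        print(f"{host:14} {banner:26} {assess(banner)}")
```

Hosts reported as `suppressed-by-rewrite` are the ones to confirm by a local package or patch-level check rather than by banner.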
