Code: p463 Severity: Warning
Description: Secure Shell (SSH) is used to remotely manage systems over encrypted TCP sessions. This event is generated when an attempt is made to exploit vulnerable versions of the SSH daemon. Impact: System compromize presenting the attacker with either the opportunity to execute arbitrary code with the privileges of the user running the SSH daemon (usually root) or a possible Denial of Service (DoS). Corrective: Upgrade to the latest non-affected version of the software. Apply the appropriate vendor supplied patches. Enable the privilege separation option in OpenSSH 3.3 if possible.
|
