2021-04-11 13:16:48 +00:00
|
|
|
id: openssh-5.3-detect
|
2021-04-11 13:02:20 +00:00
|
|
|
|
|
|
|
info:
|
|
|
|
name: OpenSSH 5.3 Detection
|
|
|
|
author: iamthefrogy
|
|
|
|
severity: low
|
2021-04-11 13:16:48 +00:00
|
|
|
tags: network,openssh
|
|
|
|
description: OpenSSH 5.3 is vulnerable to username enumeraiton and DoS vulnerabilities.
|
|
|
|
reference: |
|
|
|
|
- http://seclists.org/fulldisclosure/2016/Jul/51
|
|
|
|
- https://security-tracker.debian.org/tracker/CVE-2016-6210
|
|
|
|
- http://openwall.com/lists/oss-security/2016/08/01/2
|
2021-04-11 13:02:20 +00:00
|
|
|
|
|
|
|
network:
|
|
|
|
- host:
|
2021-04-11 13:16:48 +00:00
|
|
|
- "{{Hostname}}"
|
2021-04-11 13:02:20 +00:00
|
|
|
- "{{Hostname}}:22"
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
words:
|
2021-04-11 13:16:48 +00:00
|
|
|
- "SSH-2.0-OpenSSH_5.3"
|