From f691f574d6375c09f36e7a6ed57799def579db51 Mon Sep 17 00:00:00 2001
From: Chintan Gurjar <chintangurjar@outlook.com>
Date: Sun, 11 Apr 2021 14:02:20 +0100
Subject: [PATCH] detect openssh5.3

---
 network/openssh5.3-detect.yaml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 network/openssh5.3-detect.yaml

diff --git a/network/openssh5.3-detect.yaml b/network/openssh5.3-detect.yaml
new file mode 100644
index 0000000000..ac9f67fc5b
--- /dev/null
+++ b/network/openssh5.3-detect.yaml
@@ -0,0 +1,23 @@
+id: OpenSSH-5.3-detect
+
+info:
+  name: OpenSSH 5.3 Detection
+  author: iamthefrogy
+  severity: low
+  tags: network, openssh
+  
+
+
+# OpenSSH 5.3 is vulnerable to username enumeraiton and DoS vulnerabilities with below 2 CVEs
+# --------------------------------------------------------------------------------------------
+# http://seclists.org/fulldisclosure/2016/Jul/51
+# https://security-tracker.debian.org/tracker/CVE-2016-6210
+# http://openwall.com/lists/oss-security/2016/08/01/2
+
+network:
+  - host:
+      - "{{Hostname}}:22"
+    matchers:
+      - type: word
+        words:
+          - "SSH-2.0-OpenSSH_5.3"