detect openssh5.3

network/openssh5.3-detect.yaml

@@ -0,0 +1,23 @@
+id: OpenSSH-5.3-detect
+
+info:
+  name: OpenSSH 5.3 Detection
+  author: iamthefrogy
+  severity: low
+  tags: network, openssh
+  
+
+
+# OpenSSH 5.3 is vulnerable to username enumeraiton and DoS vulnerabilities with below 2 CVEs
+# --------------------------------------------------------------------------------------------
+# http://seclists.org/fulldisclosure/2016/Jul/51
+# https://security-tracker.debian.org/tracker/CVE-2016-6210
+# http://openwall.com/lists/oss-security/2016/08/01/2
+
+network:
+  - host:
+      - "{{Hostname}}:22"
+    matchers:
+      - type: word
+        words:
+          - "SSH-2.0-OpenSSH_5.3"