Mailing List Archive

openssh_50.nasl and paranoia
I have just run Nessus with the paranoid option against three systems. I
believe all three are instances of Firewall-1 (ports 264/tcp and 500/udp

For the three systems the SSH banners were:
SSH-1.99-OpenSSH_3.1p1
xx.yy.zz.249 SSH-1.99-OpenSSH-3.8.1p1
xx.yy.zz.254 SSH-1.99-OpenSSH-3.1p1

Only the middle system (xx.yy.zz.249) was reported vulnerable by
openssh_50.nasl. Yet all three appear to be running a version of SSH that is
older than 5.0.

Looking at it appears that the banner OpenSSH-3.1p1 is
converted to OpenSSH_9.9.99. However, the comments in seem to
suggest that this conversion to OpenSSH_9.9.99 is only relevant for Red Hat

Is this correct?

Nessus identified the first and third systems as FreeBSD 4.4 while the
second system was identified as Windows - this was the only system that the
vulnerability was reported against.

From the description of CVE-2008-1483 it seems that the vulnerability
applies to FreeBSD. But, I don't know whether the banner changes on FreeBSD.
Plugins-writers mailing list