Think you have a false positive on this rule?

Sid 1-19559

Message

INDICATOR-SCAN SSH brute force login attempt

Summary

freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

Impact

CVSS base score 9.3 CVSS impact score 10.0 CVSS exploitability score 8.6 confidentialityImpact COMPLETE integrityImpact COMPLETE availabilityImpact COMPLETE

CVE-2012-6066:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2015-5600:

CVSS base score 8.5

CVSS impact score 7.8

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact COMPLETE

Detailed information

CVE-2012-6066: freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

CVE-2015-5600: The kbdintnextdevice function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

Affected systems

  • freesshd freesshd 1.2.1
  • freesshd freesshd 1.2.2
  • freesshd freesshd 1.2.6
  • openbsd openssh 6.9

Ease of attack

CVE-2012-6066:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2015-5600:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References