Am 03.01.2017 um 17:46 schrieb Michael Meyer:
*** Reindl Harald wrote:
the scan is from yesterday, the issues are months old (includinmg
the openssh windows bruteforce nonsense on linux machines with
key-only-auth on recent Fedora steups)
"openssh windows bruteforce nonsense on linux machines"?
* no windows machine
* no 'auth_password' at all
* linux distributions don't raise version numbers but release fixes
hence flagged as false positive yesterday since i not no longer can see
that red colored nonsense initially reported months ago
High (CVSS: 7.8)
NVT: OpenSSH 'auth_password' Denial of Service Vulnerability (Windows)
(OID: 1.3.6.1.4.1.25623.1.0.809121)
Product detection result: cpe:/a:openbsd:openssh:7.2 by SSH Server type
and version (OID: 1.3.6.1.4.1.25623.1.0.10267)
Installed version: 7.2
Fixed version: 7.3
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
