Oval Definition:oval:org.mitre.oval:def:3505
Revision Date:2005-10-12Version:17
Title:sshd Log Bypass Vulnerability
Description:The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-1357
Platform(s):Sun Solaris 9
Product(s):sshd
Definition Synopsis
  • Software section
  • Solaris 9 Installed
  • AND Secure Shell Server - Usr (SUNWsshdu) installed
  • AND NOT Patch 113273-05 or later installed
  • AND Configuration section
  • /etc/ssh/sshd_config has 0.0.0.0 as ListenAddress
  • AND sshd running
    • BACK