• Home
  • Encyclopedia
  • IPS
  • OpenSSH.Server.Roaming.key.Exchange.Algorithm.Detection

At a glance:

ID 41977
Created Jan 27, 2016
Description Updated Nov 21, 2019
Severity
Coverage IPS (Regular DB)
IPS (Extended DB)
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris
Affected App Other

Legend

Enabled/Available
Disabled/Not Avaliable

Update History

Date Version Detail
2016-01-27 6.779 *
2016-03-07 7.806 Default_action updated to 'drop' from 'pass'

Intrusion Prevention

OpenSSH.Server.Roaming.key.Exchange.Algorithm.Detection

Description

This indicates an attack attempt against an Information Disclosure vulnerability in OpenSSH Client.
The vulnerability is caused by an error when the vulnerable software connects with a malicious ssh server. A remote attacker can exploit this to gain private keys from vulnerable clients.

Affected Products

OpenSSH 5.x, 6.x, and 7.x before 7.1p2

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor:
http://www.openssh.com/txt/release-7.1p2

CVE References

CVE-2016-0778 CVE-2016-0777

Other References

https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt