Intrusion Prevention
OpenSSH.Server.Roaming.key.Exchange.Algorithm.Detection
Description
This indicates an attack attempt against an Information Disclosure vulnerability in OpenSSH Client.
The vulnerability is caused by an error when the vulnerable software connects with a malicious ssh server. A remote attacker can exploit this to gain private keys from vulnerable clients.
Affected Products
OpenSSH 5.x, 6.x, and 7.x before 7.1p2
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
http://www.openssh.com/txt/release-7.1p2