Hi
We got a report that core FTP mini server version 2.3.3 is vulnerable for "SSH Protocol Authentication Bypass (Remote Exploit Check)"
This was detected with a Nessus port scanner.
As the exploit is very old, i guess this is a wrong positive.
But whats the argument against the security guys?
Thanks and best
Bruno
SSH Protocol Authentication Bypass (Remote Exploit Check)
-
ForumAdmin
- Site Admin
- Posts: 997
- Joined: Mon Mar 24, 2003 4:37 am
Re: SSH Protocol Authentication Bypass (Remote Exploit Check)
This looks to be a libssh issue and may not apply to Core FTP software.
If there is an example of this bypass, please forward to feedback at coreftp.com
If there is an example of this bypass, please forward to feedback at coreftp.com