SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)
The remote SSH server is vulnerable to a man-in-the-middle prefix truncation weakness known as Terrapin. This can
allow a remote, man-in-the-middle attacker to bypass integrity checks and downgrade the connection's security.
Note that this plugin only checks for remote SSH servers that support either ChaCha20-Poly1305 or CBC with
Encrypt-then-MAC and do not support the strict key exchange countermeasures. It does not check for vulnerable software
versions.
Javasolt megoldás
Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms.
SSH Server CBC Mode Ciphers Enabled
The SSH server is configured to support Cipher Block Chaining (CBC)
encryption. This may allow an attacker to recover the plaintext message
from the ciphertext.
Note that this plugin only checks for the options of the SSH server and
does not check for vulnerable software versions.
Javasolt megoldás
Contact the vendor or consult product documentation to disable CBC mode
cipher encryption, and enable CTR or GCM cipher mode encryption.
SSH Weak Key Exchange Algorithms Enabled
Plugin ID: 153953
Port: tcp/22
The remote SSH server is configured to allow key exchange algorithms which are considered weak.
This is based on the IETF draft document Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)
RFC9142. Section 4 lists guidance on key exchange algorithms that SHOULD NOT and MUST NOT be
enabled. This includes:
diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1
gss-gex-sha1-*
gss-group1-sha1-*
gss-group14-sha1-*
rsa1024-sha1
Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software
versions.
Javasolt megoldás
Contact the vendor or consult product documentation to disable the weak algorithms.