virus logo Intrusion Prevention

OpenSSH.Server.Roaming.key.Exchange.Algorithm.Detection

description-logoDescription

This indicates an attack attempt against an Information Disclosure vulnerability in OpenSSH Client.
The vulnerability is caused by an error when the vulnerable software connects with a malicious ssh server. A remote attacker can exploit this to gain private keys from vulnerable clients.

affected-products-logoAffected Products

OpenSSH 5.x, 6.x, and 7.x before 7.1p2

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor:
http://www.openssh.com/txt/release-7.1p2

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2019-11-22 15.729
Modified
 Name:Openssh.
Server.
Roaming.
key.
Exchange.
Algorithm.
Detection:OpenSSH.
Server.
Roaming.
key.
Exchange.
Algorithm.
Detection

References

https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
ID 41977
Created Jan 27, 2016
Updated May 02, 2022
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 70.41%
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris
Affected App Other
Profile Type Information Disclosure