From owner-freebsd-questions@FreeBSD.ORG Mon Jul 19 19:57:46 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DD5C116A4CE for ; Mon, 19 Jul 2004 19:57:46 +0000 (GMT) Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by mx1.FreeBSD.org (Postfix) with ESMTP id D247043D53 for ; Mon, 19 Jul 2004 19:57:45 +0000 (GMT) (envelope-from fgleiser@cactus.fi.uba.ar) Received: from localhost (localhost [127.0.0.1]) by cactus.fi.uba.ar (8.12.11/8.12.11) with ESMTP id i6JJvmK1095040; Mon, 19 Jul 2004 16:57:48 -0300 (ART) (envelope-from fgleiser@cactus.fi.uba.ar) Date: Mon, 19 Jul 2004 16:57:48 -0300 (ART) From: Fernando Gleiser To: Ray Seals In-Reply-To: <1090257278.579.9.camel@mgl.magellanhealth.com> Message-ID: <20040719165349.J11293@cactus.fi.uba.ar> References: <1090257278.579.9.camel@mgl.magellanhealth.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Score: -104.901 () BAYES_00,USER_IN_WHITELIST X-Scanned-By: MIMEDefang 2.42 cc: "freebsd-questions@FreeBSD.org" Subject: Re: Nessus scan of FreeBSD 5.2.1 shows old version of ssh X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jul 2004 19:57:47 -0000 On Mon, 19 Jul 2004, Ray Seals wrote: > I just ran a Nessus scan against one of my machines. The scan triggered > on a version of ssh older than 3.7.1. It's a false positive. Nessus just checks the version number, it doesn't try to exploit the vulnerability to find if the system is indeed vulnerable. The sshd version in FreeBSD is older, but it's patched and not vulnerable. Don't worry about it. > > I ran /usr/bin/ssh -v and found that I have version 3.6.1p1. I'm Fer