SSH Weak MAC Algorithms Enabled

low Nessus Plugin ID 71049

Synopsis

The remote SSH server is configured to allow MD5 and 96-bit MAC algorithms.

Description

The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak.

Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software versions.

Solution

Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms.

Plugin Details

Severity: Low

ID: 71049

File Name: ssh_weak_hmac_enabled.nasl

Version: Revision: 1.4

Type: remote

Family: Misc.

Published: 11/22/2013

Updated: 12/14/2016

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Low

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N