Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.50282
Category:Product detection
Title:Determine OS and list of installed packages via SSH login
Summary:This script will, if given a userid/password or; key to the remote system, login to that system, determine the OS it is running, and for; supported systems, extract the list of installed packages/rpms.
Description:Summary:
This script will, if given a userid/password or
key to the remote system, login to that system, determine the OS it is running, and for
supported systems, extract the list of installed packages/rpms.

Vulnerability Insight:
The ssh protocol is used to log in. If a specific port is
configured for the credential, then only this port will be tried. Else any port that offers
ssh, usually port 22.

Upon successful login, the command 'uname -a' is issued to find out about the type and version
of the operating system.

The result is analysed for various patterns and in several cases additional commands are tried
to find out more details and to confirm a detection.

The regular Linux distributions are detected this way as well as other unixoid systems and
also many Linux-based devices and appliances.

If the system offers a package database, for example RPM- or DEB-based, this full list of
installed packages is retrieved for further patch-level checks.

CVSS Score:
0.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:N

CopyrightCopyright (C) 2008 E-Soft Inc. http://www.securityspace.com & Tim Brown

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.