OpenSSH vulnerabilties

Question

while undergoing a security audit several vulnerabilties were deteced in our system (F5 Big IP LTM 3600 11.4.1)&nbsp;
It appears that we are running OpenSSH 4.3p2&nbsp;
The vulnerabilities were :&nbsp;
OpenSSH Memory corruption vulnerability- Banner&nbsp;
Open SSH LoginGraceTime Denail of service&nbsp;
SSH Server Information Disclosure&nbsp;
OpenSSH ChallengeResponseAuthenticated User enumeration vulnerabilty&nbsp;
I was wondering the best method for patching and mitigating these, any help would be appreciated.&nbsp;

russell_moore_8 · Answer

It is unlikely that the scan produced accurate results.  As I recall the basic linux packages are from Redhat and Redhat does not increment its version numbers in a way that makes it easy to determine if you are using a version vulnerable or not.  They tend to keep a version for stability and backport patches for such things.  Your best bet is to get the codes for the vulnerabilities and check them on the F5 support site.&nbsp;
You can limit access to SSH to administrative networks which eliminates concerns over any current or undiscovered vulnerability.  &nbsp;

Forum Discussion

OpenSSH vulnerabilties

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

2026 301a exam

F5OS login with admin/root failed via console

UCS Encryption Question

Related Content

Post-Quantum Cryptography, OpenSSH, & s1ngularity supply chain attack

OpenSSH vulnerability

U.S. Government cuts, Majorana 1 Chip, CVEs for Mongoose and OpenSSH

Ransomware, OpenSSH, AI and Trust, Google Geofence Dec 10-17, 2023 - F5 SIRT - This Week in Security

OpenSSH Version upgrade on BIGIP LTM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS