|Applies To||Appliance 3.0|
Appliance service discloses version information (generic-service-version-disclosure)
A service was found to be running that provides detailed version information. This information can be used to determine what vulnerabilities may exist in the service, assisting malicious users in launching more targeted attacks.
Disable or obfuscate the version information returned by the service, if possible.
The service reported is OpenSSH 4.9. Obfuscating the version for OpenSSH is not possible. The version identification string is part of the Protocol Version Exchange for SSH which follows the RFC standards for connections. Please see RFC4253 Section 4.2 ?Protocol Version Exchange? for more details.
|Legacy Article ID||a48427|