[Bug 3800] OpenSSH 9.9p2 Minor Version Detection Issue in Qualys/Tenable for CVE-2025-26465 & CVE-2025-26466
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Mar 11 10:36:18 AEDT 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3800
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|security |minor
Status|NEW |RESOLVED
Resolution|--- |WONTFIX
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
The patch version is intentionally not shown. If you want to put
additional version information in the banner string you can use the
existing VersionAddendum option in sshd_config.
Opinion: vulnerability scanners should look for vulnerabilities and not
blindly check version strings.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list