Intrusion Prevention

OpenSSH.kbdint_next_device.Policy.Bypass

Description

This indicates an attack attempt to exploit a Security Bypass vulnerability in OpenSSH..
The vulnerability is due to an error when vulnerable module handles a maliciously crafted request. An attacker can exploit this to brute force and bypass authentication in the affected application. This signature detects for 30 malicious requests within 60 seconds, please adjust the rate in the CLI according to your needs.

Affected Products

OpenSSH OpenSSH Prior to 7.0

Impact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems

Recommended Actions

Upgrade to the latest version available from the website.
http://www.openssh.com/txt/release-7.0

CVE References

CVE-2015-5600