Xampp SSH

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Xampp SSH

Postby skachy » 02. March 2011 10:23


I just ran a security check on our server and it showed this :

OpenSSH < 3.1 Channel Code Off by One Remote Privilege Escalation
ssh (22/tcp)

Arbitrary code may be run on the remote host.
You are running a version of OpenSSH which is older than 3.1.
Versions prior than 3.1 are vulnerable to an off by one error that allows local users to gain root access, and it may be possible for remote users to
similarly compromise the daemon for remote access.
In addition, a vulnerable SSH client may be compromised by connecting to a malicious SSH daemon that exploits this vulnerability in the client code,
thus compromising the client system.
Upgrade to OpenSSH 3.1 or apply the patch for prior versions. (See: http://www.openssh.org)
Risk factor:
Critical !!! / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
CVE : CVE-2002-0083
BID : 4241
Other references : OSVDB:730, CWE:189

Can I somehow update the version of SSH in Xampp ? I am running the Windows 2008 R2 Web Server with Xampp 1.7.3 installed.


Last edited by skachy on 02. March 2011 11:44, edited 1 time in total.
Posts: 7
Joined: 02. March 2011 10:19

Re: Xampp SSH

Postby Sharley » 02. March 2011 11:33

skachy wrote:Can I somehow update the version of SSH in Xampp ?
As far as I know there is no OpenSSH in any XAMPP version by default.

If your version has an OpenSSH app then you or some other third party app has installed it.

What is the location in the XAMPP tree of OpenSSH?

Only OpenSSL is included in XAMPP by default but not OpenSSH.

There is no OpenSSH in XAMPP 1.7.3 but it may be included in your Windows server.
User avatar
AF Moderator
Posts: 3316
Joined: 03. October 2008 05:10
Location: Yeppoon, Australia Time Zone: GMT/UTC+10
Operating System: Win 7 Pro 32bit/XP Pro SP3

Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 63 guests