delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2025/03/05/14:31:33

DMARC-Filter: OpenDMARC Filter v1.4.2 delorie.com 525JVXrd064930
Authentication-Results: delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com
Authentication-Results: delorie.com; spf=pass smtp.mailfrom=cygwin.com
DKIM-Filter: OpenDKIM Filter v2.11.0 delorie.com 525JVXrd064930
Authentication-Results: delorie.com;
dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=dyyjDFo5
X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 8B8243858408
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
s=default; t=1741203092;
bh=ne1SRinpSAv1hVFoEqZIPksVuewhkD3C71z8RC2j7JE=;
h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post:
List-Help:List-Subscribe:From:Reply-To:From;
b=dyyjDFo5l2r8kkQBr5VJMcQpFEhROvt76suK1acYUsByek3nv9AMubWpWDgraERSf
8Qi5yn60ZnqfY1mGDobzMLGNarPNdpYo5WVcRIFGt8dSsrvFV/FwRIYckV9oHyCkV9
+A4QfKQESAOsm7YisQq6TS+T8kJZPQceWZRQfWPM=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7E7113858C2D
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 7E7113858C2D
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1741203027; cv=none;
b=mg11M/ELZdjhXNZg4E+0QtvD+s3zSn6tvtz9JqBsGmurDegb1FfB8094r2YAsvCFBZ89EOPyMeYUnCYmFOdk9Mb94tl85jqxLAiL7iVhNNGrQMNB3p4JkCvhZoYKhd5HDtgorZy/p5YRybP/f3B0qo7/JuPNUGtjSdsev1jk5wc=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
t=1741203027; c=relaxed/simple;
bh=pgo9/VHVu3mBYiQix83VMIsOCHO4e15HVWpawXMt9T8=;
h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
b=o0khkA7yPacvZBbLZEo4wZegrGetgdK8bgmrSi3hqPZ17npZLG+pznVfpsUuHDCFejrFps1xtJJgpA6hg97YMgDfSaviHlXuLX1x0NeH5XBpsjHByzm0mhl+RcKDvluDFhulENupw6cmpYxXVoNW+BpN5asgeh1yp/qJERM4cNc=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 7E7113858C2D
X-MC-Unique: h37iy8x2Mz2uCOk40_XKNg-1
X-Mimecast-MFC-AGG-ID: h37iy8x2Mz2uCOk40_XKNg_1741203024
To: "cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>
Subject: Cygwin OpenSSH version detection by Tenable
Thread-Topic: Cygwin OpenSSH version detection by Tenable
Thread-Index: AduOAPHOsHnB3EXRQw6wdpJBkEJJ6A==
Date: Wed, 5 Mar 2025 19:30:22 +0000
Message-ID: <PH0PR84MB18364E960950D1F0C2080315A5CB2@PH0PR84MB1836.NAMPRD84.PROD.OUTLOOK.COM>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-bromium-msgid: 4e8af3c7-95d0-42ff-b7ca-b277252d9d84
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PH0PR84MB1836:EE_|LV8PR84MB3968:EE_
x-ms-office365-filtering-correlation-id: a8044826-1b14-4aa7-2541-08dd5c1c2bfe
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|366016|1800799024|38070700018
x-microsoft-antispam-message-info: =?us-ascii?Q?5Rq0bLzpGxzZB6eCnVeDkSbj9+tqDp+t0iKBwnL0BX1RzemDeP9QVPQqZrMy?=
=?us-ascii?Q?6sZmDDB2YLUfCu1RnhT31OreSF0LW5R/JwtfThvcNxjKjoWeKU0xJtPhsJoP?=
=?us-ascii?Q?lU0AudzK4OG0T1x573p/nyxUck/DUbPDV7rPrC0PU6VW37L3729MBI65m4/K?=
=?us-ascii?Q?vpsAeoIff/NZWlCR2X+AXNnNGgYsKqaz9baF7heVFJ0UHl5hlDK/2Tg3Mnsp?=
=?us-ascii?Q?Mf0TdbPQF3IeU8vU665XbxmFJHOJrOjhrmf02b/DAo3/wUVImu7YvvldcUpg?=
=?us-ascii?Q?7gKySMpnagQbWzRyGbz70P85lPb8UNThMUpxr7aeURdyoerEJ6YDHri81yeg?=
=?us-ascii?Q?sTsB4GUcpTh967AFAyEBJAR6VciV/RIKQB3PVlZSp65Auj36SfEiCquqiFF4?=
=?us-ascii?Q?Qu8t+PY7pbjK/8FLPFR6KN3K1ePRXajCBSnmuiAUjz54quQfoUA0HyboOqzs?=
=?us-ascii?Q?IwGTE644Mi4dnKetwwmX/LPp+oNgsfmN4VkV61HndLG2ZVT1ZN93tTDb9cJ+?=
=?us-ascii?Q?4g37CkwXbx2n0gcnmq/4naBLxLGIwkJD8GYW0rV9QzlSHIkwrAsZYjIlsA5n?=
=?us-ascii?Q?2Pv4E8u2tT3zlNYGRVdBgEWqihQe+0VulqrJUAD0w+jbJBhQD4UKiH8zcGNE?=
=?us-ascii?Q?J/CQB89GtmzNj+awopZHOz4l/ColF7yxfiRDk+ZGuiMcBMr4Ewya8yrKcJnS?=
=?us-ascii?Q?6uOK06oRzMhTv6B/J57ngbKcR57V3o5J0WKNpiKUG368XlXQGfLQrzi5e8vR?=
=?us-ascii?Q?v5ynavPrPnRrWhNvIMZbmMmM30TOOmo4YbpyKKa85UxvAkrWipw/5G9A6Owi?=
=?us-ascii?Q?ghBoTm24lq+DKpu/ElpO144rXTgDIUsTgL/+P173eRsX7b9Yl/EnXgbqrWAQ?=
=?us-ascii?Q?renES/So9133QtSUtRBvDqKHKcSaL0iG7U17uFYUJkpg34j61sw6G8/TgIlG?=
=?us-ascii?Q?IVAAiTlRuj57h3mUoEiTdMM/HpoC1KtkzBDZ1cCXgRmQzz8EDFqRMDZPziXK?=
=?us-ascii?Q?NcC9MQ+AsUfmkv1dMngtZQmTqHmQybzGWK5hbscA6XniSmkUtQh7UsI47Nxm?=
=?us-ascii?Q?J/F5uv7MyKWMIzCseMrfYGTBBGPAo5hSOZYt7VGxibU8Lhr2HYkd9WvBiYpq?=
=?us-ascii?Q?Ycq0CHKN83mVVxaTBdB17jcE38831O3gjOqClTZJ1NhfvxkRSc5qICLKV8vA?=
=?us-ascii?Q?gLMZIC4NoZzaH9JH7sQdEh3oxJsA3Ng5WNBY8xNwhVuf0szQ78kkkyNZAqGW?=
=?us-ascii?Q?pxCxvPUi/V2eEMZ7Y4V17a9p/aGMMOEPetgCH0Wj7cE8Iw2kjHySFJHszGuj?=
=?us-ascii?Q?K/+7jOFTxaYjYxabJgt4IfO7s/K8bgzNGzCB+bKDIYbQMXN2C9sp80AcPPw1?=
=?us-ascii?Q?DyL2jkGNwkjb4lk3QB4SGml7uK8ufo+emSV0ZYQch+cmXAiXDCCTwQGdLd1d?=
=?us-ascii?Q?p7TVvwXDcKlMbnWupZa4Xk26+Es+KQzP?=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:PH0PR84MB1836.NAMPRD84.PROD.OUTLOOK.COM; PTR:; CAT:NONE;
SFS:(13230040)(376014)(366016)(1800799024)(38070700018); DIR:OUT; SFP:1101
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?qCyYrwkqOs5aS33xWMKV48hTL3MwNDfNCqEYUoLZ98i9rcjD9jsBc8Trrq5C?=
=?us-ascii?Q?4oMQKnzcQBsBjmqxOVlWSMFjztg7tCQt30anjgp+nBVlS3STMfzpZVKtwVgv?=
=?us-ascii?Q?sJW1FnGuuiWMILbJOr3NN1QUKvUgynv1kqgWKhGhnqcpXkVs6H3w5s4YII+F?=
=?us-ascii?Q?Ed2A/vwTuBc6CCuXmyP2FbnVAfY9lSfVvf9LPkTwwmDXrTWtfG/ycSOdNFKt?=
=?us-ascii?Q?6uPbVPl1t+W4ifF7UThL6Ed2bUD816fxmtKdTvH4TpYDD5TNvggS3fE+3J8d?=
=?us-ascii?Q?zJlbka+Wox8GNqfeF6x0E3J5lABZtPe8bKA5Ed1i60x/XV6pwwqNpFgpxyGB?=
=?us-ascii?Q?GhLbhLDTJaIv5xCHrNpfvc5XnMysw6/+YpcqmxrxeKHRVXtapg3ClzVKwd1J?=
=?us-ascii?Q?Fan897wZ808LwEj1FG8mrVFAgZjZ+L8qFt1xLLSVcxXSgQSJVqmZs9oBEZkR?=
=?us-ascii?Q?Q8RXmgJ5C01qbPEel9q467HJLUL2V36iWQyLIp3wKrLSI1TFaed2Xz0MSQ2H?=
=?us-ascii?Q?mBNnUdJy9LFg8Ad9T9cmedjQslpUafKO4Zu9YSk1aQtWZj+pEdEA/eTdkRN4?=
=?us-ascii?Q?Z/j4kAXMGsy4SNy+gOVbXWCYLUOb4yNnVCO7g949EsCpJhpCZR/N5xc58veY?=
=?us-ascii?Q?GK+L3tOJ0u1Cb8xBg83RCjiOSqq2yTRdk+9A5b1lXjseeGajwD+CMevbZu3F?=
=?us-ascii?Q?csL+psoe/1qh5l2qkCHwOWcDTEWWqQz5OLySiljjM2eXPcKAUHWBWSE4rAHg?=
=?us-ascii?Q?5+5jSHEpNn0EZtdl1T/T8brJZE7O1LosYM7kJPTzZJDLDkalk7iTHdbIKNJd?=
=?us-ascii?Q?l0Ou69I5gO8FjbeYYMrnSUov33PEvcI2ACfYPvq3TwkYeNMd3MiYYJAz+BsG?=
=?us-ascii?Q?Grmg8R+WhxMUf4N1J+m6eDz80DGSwy4cI5WAFdawl6CftSLLOvk3O3cSU8nM?=
=?us-ascii?Q?2HwcuKfCMAscaWqEkGdusuiRRQQ+fnAsd2IQltgM6t/rdXbO0h3VF30fQsL1?=
=?us-ascii?Q?QR0aIopFtKv2BeEb537USmJvYo6nbUG6voYsqsgeAwIeFFipqPIi4vUDDGty?=
=?us-ascii?Q?rtIgO5qilzO2zTQTtUXXcpN45uvvXbpkIYz8JV0zJ+QrHip8zJdtfZ7wu5Yd?=
=?us-ascii?Q?edxpkWdjn9JTHld4d5ex1NAuZ8ceOS9D0uBYR7Iv5ptYZQafKyoT9jxwZ151?=
=?us-ascii?Q?C/EFxEPbVcj8VllpCsYOyCpYuXcdPpZNTEMdrS8q0SzRF1aI5BQFkSuojNzO?=
=?us-ascii?Q?t/UgPrPcYWw4D6nkrIbS5E4NGeH4vYjGw+NLv4cyLWEsDmZq+BjXhTAy8Q/N?=
=?us-ascii?Q?T003BbgrRQYa8hLTYW6VvD6WpUSsi6MYY7cwSO8p3DnWAD/D2wh2Cy1M4eIO?=
=?us-ascii?Q?mG5QijzSlFIFat9bR4pydg7yZtC8d/qxKqoQsRrEC49LJcaTPIqdtBhQfW24?=
=?us-ascii?Q?dgHOf38NcxuygrXBkrkZn6TQPOUGCYwtCwjZZZhGU1h+Z6q8YPsBKyR7b0JY?=
=?us-ascii?Q?qSrksr92o9Q3848nVqTgLd5u5kXFhvS6IBoX/pUQJf9oou+xRn6ySQv905O8?=
=?us-ascii?Q?q6Vq540MdkY7RqR4350=3D?=
MIME-Version: 1.0
X-OriginatorOrg: hp.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR84MB1836.NAMPRD84.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: a8044826-1b14-4aa7-2541-08dd5c1c2bfe
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Mar 2025 19:30:22.3030 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: ca7981a2-785a-463d-b82a-3db87dfc3ce6
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Y+v+FIk5VLGupKmSuqZmeRx65v7fa5kYpbeMgBdZZqTFQE4kEs53gkvs4/PStg8oKhSKoT+vUAnQN2UIUYDajA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV8PR84MB3968
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: J05qXapcpZwuKGGCji6mVB8fA1E5CTFOSr3TIqWoXpA_1741203024
X-Mimecast-Originator: hp.com
X-Content-Filtered-By: Mailman/MimeDel 2.1.30
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.30
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: "SUMMERS, TED via Cygwin" <cygwin AT cygwin DOT com>
Reply-To: "SUMMERS, TED" <ted DOT summers1 AT hp DOT com>
Sender: "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com> 

Dear list member(s),

I've reviewed the list archives for the last two months since subcomponent release, and googled, but didn't find an answer for my question.

I'm encountering an issue with Tenable detecting a difference in version in our security scans indicating that OpenSSH is still at a vulnerable version.
Even though I have openssh 9.9p2-1 installed, some query methods show the version only as OpenSSH 9.9.
IF I login to my Cygwin installation and perform "ssh -V" I receive the expected correct up-to-date values in the response:
OpenSSH_9.9p2, OpenSSL 3.0.16 11 Feb 2025

However Tenable is performing a non-authenticated query against ssh that returns OpenSSH 9.9  (without the p2 appended to the end).
Then Tenable flags systems for remediation of what it detects as a vulnerable version.

If I initiate a command "ssh -vv <host ip>"  I can see the string where it reports the following:
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.9

I can also get this information via nmap or netcat (nc)
Nmap (v7.94) returns:
22/tcp open  ssh        OpenSSH 9.9 (protocol 2.0)

# nc <ip address> 22
SSH-2.0-OpenSSH_9.9

Is there a file that I can manipulate to resolve this, or can a new openssh package build be made that fixes the version output in response to these other query methods used by security scanners?

I look forward to any response or guidance.

Respectfully,
Ted Summers






-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019