cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

PCI Compliance and Open SSH

I am having issues scanning my clients website for PCI Compliance. The scanner is coming up with multiple SSH errors that do not allow me to be approved. The company is on a shared linux environment. Below are a couple errors along with a screenshot.

 

  • Unsupported Version of OpenSSH
  • Open SSH through 7.2p2 allows potential privilege escalation by remote hackers

http://imgur.com/petWcE7

 

I have a lot of clients that use E-Commerce and I want to make sure these environment are going to be sufficient for passing PCI Compliance.

1 REPLY 1
Anonymous
Not applicable

Re: PCI Compliance and Open SSH

Hi,

this is why updating software is so important. Trying to keep ahead of the black hat hackers!

read this :https://www.openssh.com/security.html