We have several SG300 switches that when we run an internal vulnerability scan detects multiple issues with the Open SSH on the switch. It detects it as 3.6.1p1. These vulnerabilities include, but not limited to, CVE ID's CVE-2003-0693, CVE-2003-0386, and CVE-2003-0190. We are running the latest code and have SSH V2 enabled. Has anyone else run into this, and if so, are these false positives or what did you do to get around it?
... View more
We just upgraded our Sg300 series switches to the new IOS so we can get CLI access. The upgrade went fine but it seems we have two login prompts, the first being completely unnecessary as you can just hit return to get by it. IE here is the progression: 1. Connect SSH 2. Receive a "login:" prompt. Anything can be entered here, including just return 3. Login banner is displayed 4. Username Prompt is then displayed. Valid username required 5. Password Prompt displayed - Valid password required 6. Now at CLI 1. Connect SSH I am trying to get rid of that first login prompt (IE Step 2) as it is causing issues with our configuration software. I have tried every line and authentication command I can think of, the only thing that gets rid of it is using none authentication which obviously we can't stay with. Anyone else have this issue and how did you get around it?
... View more