Article ID: 6570, created on Aug 4, 2009, last review on May 11, 2014

  • Applies to:
  • H-Sphere


Parallels H-Sphere Control Panel can not pass PCI (payment card industry) scan because off the following security hole found on
port/service "ssh (22/tcp)" : "OpenSSH < 4.4 Multiple GSSAPI Vulnerabilities"


The following Common Vulnerabilities and Exposures are reported:
CVE-2006-5051 -
CVE-2006-5052 -

It seams the PCI compliance test was not smartly enough while doing the job.

The reason is that Red Hat (and CentOS as well) included corresponded patches to solve the vulnerabilities long time ago (in openssh packages version 3.6.1p2-33.30.12 and up):

To update the OpenSSH for on FreeBSD boxes, please use the latest port:

f213b9fa8759d57bee5d547445806fe7 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF