SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Your Ad Here
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Security)  >  SSH Tectia Server Vendors:  SSH Communications
SSH Tectia Server SFTP Logging Bug May Let Remote Authenticated Users Execute Arbitrary Commands
SecurityTracker Alert ID:  1015619
SecurityTracker URL:  http://securitytracker.com/id?1015619
CVE Reference:  CVE-2006-0705   (Links to External Site)
Updated:  Mar 14 2007
Original Entry Date:  Feb 13 2006
Impact:  Execution of arbitrary code via network, User access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): 4.4.0 and prior versions
Description:  A vulnerability was reported in SSH Tectia Server. A remote authenticated user may be able to execute arbitrary commands.

The SFTP component does not properly log file names accessed by the user. As a result, certain file names may cause commands to be executed when the file name is logged.

A remote authenticated user can execute arbitrary commands. Also, a remote authenticated user can cause arbitrary commands to be executed by a target user when the target user accesses a specially name file.

SSH Tectia Server 4.3.6 (A and T) and prior versions and 4.4.0 (A and T) and SSH Secure Shell Server 3.2.9 and prior versions are affected.

The following products are not affected:

* SSH Tectia Client
* SSH Tectia Connector
* SSH Tectia Server (M) for IBM mainframes
* SSH Tectia Server 5.x (A, F, and T)

Secunia disclosed this vulnerability.
Impact:  A remote authenticated user may be able to execute arbitrary commands or cause commands to be executed by a target user.
Solution:  The vendor has issued fixed versions (4.3.7, 4.4.2), available at:

http://www.ssh.com/support/downloads/tectia-server

The vendor's advisory is available at:

http://www.ssh.com/company/newsroom/article/715/
Vendor URL:  www.ssh.com/company/newsroom/article/715/ (Links to External Site)
Cause:  Input validation error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Mar 26 2008 (HP Issues Fix for Tru64) SSH Tectia Server SFTP Logging Bug May Let Remote Authenticated Users Execute Arbitrary Commands   (security-alert@hp.com)
HP has released a fix for Tru64 UNIX 5.1B-3 and 5.1B-4.


 Source Message Contents

 

[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC