SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Bitvise SSH Client Vendors:   Bitvise
Bitvise SSH Client Invalid Memory Access Error Lets Remote Users Deny Service
SecurityTracker Alert ID:  1040944
SecurityTracker URL:  http://securitytracker.com/id/1040944
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 19 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 7.41
Description:   A vulnerability reported in Bitvise SSH Client. A remote user can cause denial of service conditions on the target system.

A remote server can return specially crafted data to the target connected client to trigger an invalid memory access error and cause the target client to stop processing.

This can also be exploited by a remote authenticated user importing a specially crafted file via the Bitvise SSH Client, causing the import process to stop processing.

Impact:   A remote user can cause the target client to crash.
Solution:   The vendor has issued a fix (7.41) [in April 2018].

The vendor advisory is available at:

https://www.bitvise.com/ssh-client-version-history#security-notification-741

Vendor URL:  www.bitvise.com/ssh-client-version-history#security-notification-741 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC