Nessus Plugin #15822
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
SecureCRT SSH1 protocol version string overflow
- Family:
- Windows
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2004 David Maciejak
- Summary:
- Determines the version of SecureCRT
- Version:
- $Revision: 1.2 $
- Cve_id:
- CVE-2002-1059
- Bugtraq_id:
- 5287
- Xrefs:
- OSVDB:4991
- Description:
The remote host is using a vulnerable version of SecureCRT, a
SSH/Telnet client built for Microsoft Windows operation systems.
It has been reported that SecureCRT contain a remote buffer overflow
allowing an SSH server to execute arbitrary command via a specially
long SSH1 protocol version string.
Solution : Upgrade to SecureCRT 3.2.2, 3.3.4, 3.4.6, 4.1 or newer
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.