{"id": "VU:140977", "type": "cert", "bulletinFamily": "info", "title": "SSH Secure Shell for Workstations contains buffer overflow in URL-handling feature", "description": "### Overview \n\nThe Windows version of SSH Secure Shell for Workstations contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code.\n\n### Description \n\nThe SSH Secure Shell for Workstations client includes a URL-handling feature that allows users to launch URLs that appear in the terminal window. When the user clicks on a URL, it will be launched using their default browser. \n\nVersions 3.1 to 3.2.0 of this application contain a buffer overflow vulnerability that is triggered when the launched URL is approximately 500 characters or greater in length. To exploit this vulnerability, an attacker must supply a malicious URL to a terminal session and convince the victim to launch it. \n \n--- \n \n### Impact \n\nThis vulnerability allows an attacker to execute arbitrary code by convincing an unsuspecting user to click on a malicious URL. \n \n--- \n \n### Solution \n\n**Apply a patch** \n \nSSH Communications Security has released a Security Advisory to address this vulnerability. For more information, please see \n\n\n[_http://www.ssh.com/company/newsroom/article/287/_](<http://www.ssh.com/company/newsroom/article/287/>) \n--- \n \n### Vendor Information\n\n140977\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### SSH Communications Security __ Affected\n\nNotified: November 18, 2002 Updated: December 04, 2002 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSSH Communications Security has released a Security Advisory to address this vulnerability. For more information, please see\n\n \n[_http://www.ssh.com/company/newsroom/article/287/_](<http://www.ssh.com/company/newsroom/article/287/>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23140977 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.ssh.com/company/newsroom/article/287/>\n * <http://ftp.ssh.com/priv/secureshell/6g3zslpk/windows/>\n\n### Acknowledgements\n\nThe CERT/CC thanks SSH Communications Security for reporting this vulnerability.\n\nThis document was written by Jeffrey P. Lanza.\n\n### Other Information\n\n**CVE IDs:** | [None](<http://web.nvd.nist.gov/vuln/detail/None>) \n---|--- \n**Severity Metric:** | 1.60 \n**Date Public:** | 2002-11-25 \n**Date First Published:** | 2002-12-04 \n**Date Last Updated: ** | 2002-12-13 23:50 UTC \n**Document Revision: ** | 16 \n", "published": "2002-12-04T00:00:00", "modified": "2002-12-13T23:50:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.kb.cert.org/vuls/id/140977", "reporter": "CERT", "references": ["http://www.ssh.com/company/newsroom/article/287/", "http://ftp.ssh.com/priv/secureshell/6g3zslpk/windows/"], "cvelist": [], "lastseen": "2020-09-18T20:44:15", "viewCount": 4, "enchantments": {"score": {"value": 0.4, "vector": "NONE", "modified": "2020-09-18T20:44:15", "rev": 2}, "dependencies": {"references": [], "modified": "2020-09-18T20:44:15", "rev": 2}, "vulnersScore": 0.4}}

{}