CVSS2: 7.2 High

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.0004 Low (Percentile: 0.4%)

The SSH Communications Security Tectia Client and Server products are vulnerable to privilege escalation, which may allow a local user to gain root access.
The SSH Tectia Client and Server products contain an unspecified privilege escalation vulnerability in ssh-signer. A local user may be able to obtain root access. According to SSH Communications Security:
AFFECTED PRODUCTS
NOT AFFECTED PRODUCTS
A local user may be able to obtain root access.
Apply an update
This issue is addressed in SSH Tectia Client/Server solution 5.2.4 and 5.3.6.
Remove ssh-signer
This vulnerability can be mitigated by removing the ssh-signer binary, which is located in /opt/tectia/libexec/. Note that this will disable host-based authentication of the SSH Tectia Client. This will have no adverse effect on SSH Tectia Server.
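To confirm on a host that the workaround is in place, the following audit function is an added example and not part of the advisory or the vendor's tooling. The function name and return codes are constructed for illustration, and the setuid/setgid check is an assumption: the advisory does not say how the binary is installed.

```shell
#!/bin/sh
# Added example: audit a host for the ssh-signer workaround described above.
# The default directory is the one named in the advisory.
# Return codes (constructed for this example):
#   0 = ssh-signer is absent, workaround in place
#   1 = ssh-signer is present without setuid/setgid bits
#   2 = ssh-signer is present with a setuid or setgid bit
audit_ssh_signer() {
    dir="${1:-/opt/tectia/libexec}"
    bin="$dir/ssh-signer"

    # Treat a dangling symlink as "present" so it is not silently ignored.
    if [ ! -e "$bin" ] && [ ! -L "$bin" ]; then
        echo "OK: $bin is not present"
        return 0
    fi

    # Assumption: a privileged helper would carry a setuid or setgid bit.
    if [ -u "$bin" ] || [ -g "$bin" ]; then
        echo "FINDING: $bin is present with a setuid/setgid bit"
        ls -l "$bin"
        echo "Remove it, or confirm the installed release is 5.2.4 or 5.3.6."
        return 2
    fi

    echo "NOTE: $bin is present without setuid/setgid bits"
    echo "Confirm the installed release is 5.2.4 or 5.3.6, or remove the binary."
    return 1
}
```

Call `audit_ssh_signer` with no argument to check the advisory's default path, or pass another directory if the product is installed elsewhere.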
921339
Updated: January 08, 2008
Affected
Immediate work-around is to remove the ssh-signer binary which is located in /opt/tectia/libexec/.
Note that this will disable host-based authentication of the SSH Tectia Client.
This has no adverse effect on SSH Tectia Server installation.
You can also update your system to SSH Tectia client/server solution 5.2.4 or 5.3.6, which will fix the vulnerability.
Once the update has been made, you can safely use the product again.
The vendor has not provided us with any further information regarding this vulnerability.
Thanks to Tuomas Siren for reporting this vulnerability.
This document was written by Will Dormann.
CVE IDs | CVE-2007-5616 |
---|---|
Severity Metric | 2.25 |
Date Public | |