SSH Tectia Server < 5.2.4 / 5.3.6 Local Privilege Escalation

ID 4335.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00


The remote host is running SSH Tectia Server, a commercial SSH server. According to its banner, the installed version of this software contains a local flaw in the way that it handles command line arguments to the 'ssh-signer' binary. This flaw is only relevant to Unix machines. An attacker exploiting this flaw would need local access. Successful exploitation would result in the attacker executing code as the 'root' user.

                                            Binary data 4335.prm