SecureCRT telnet URI Arbitrary Configuration Folder Privilege Escalation

2004-11-23T06:08:05
ID OSVDB:12089
Type osvdb
Reporter Brett Moore(brett.moore@security-assessment.com)
Modified 2004-11-23T06:08:05

Description

Vulnerability Description

Secure CRT contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a remote user creates a specially crafted telnet URL which specifies an alternate directory for the configuration file. The alternate configuration file can specify alternative scripts to excute for a login script. This flaw may lead to a loss of confidentiality.

Solution Description

Upgrade to version version 4.1.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Secure CRT contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a remote user creates a specially crafted telnet URL which specifies an alternate directory for the configuration file. The alternate configuration file can specify alternative scripts to excute for a login script. This flaw may lead to a loss of confidentiality.

References:

Vendor URL: http://www.vandyke.com/ Security Tracker: 1012308 Secunia Advisory ID:13275 Other Advisory URL: http://www.security-assessment.com/Papers/SecureCRT_Remote_Command_Execution.pdf Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1037.html CVE-2004-1541