Lucene search
+L

70 matches found

CVE
CVE
added 2008/01/09 9:0 p.m.60 views

CVE-2007-5616

CVE-2007-5616 affects SSH Tectia Client and Server 5.x before 5.2.4 and 5.3.x before 5.3.6 on Unix/Linux. A local user can escalate privileges via the ssh-signer component, with root access reported as the impact. The vulnerability is mitigated by upgrading to SSH Tectia client/server 5.2.4 or 5....

7.2CVSS6.6AI score0.00942EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2008/01/09 9:0 p.m.26 views

CVE-2007-5616

ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors...

6.6AI score0.00942EPSS
Exploits0References7
Prion
Prion
added 2007/04/18 3:19 a.m.13 views

Design/Logic Flaw

SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for 1 the server pid file, which allows local users to cause arbitrary processes to be stopped, or 2 when BPXBATCHUMASK is missing from the environment, creates HFS files with insecure permissions, which allows...

4.4CVSS6.8AI score0.00302EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2007/04/18 3:19 a.m.19 views

CVE-2007-2063

SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for 1 the server pid file, which allows local users to cause arbitrary processes to be stopped, or 2 when BPXBATCHUMASK is missing from the environment, creates HFS files with insecure permissions, which allows...

4.4CVSS6.3AI score0.00302EPSS
Exploits0References8
Cvelist
Cvelist
added 2007/04/18 2:20 a.m.19 views

CVE-2007-2063

SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for 1 the server pid file, which allows local users to cause arbitrary processes to be stopped, or 2 when BPXBATCHUMASK is missing from the environment, creates HFS files with insecure permissions, which allows...

6.3AI score0.00302EPSS
Exploits0References8
seebug.org
seebug.org
added 2007/04/18 12:0 a.m.14 views

SSH Tectia Server for IBM z/OS本地权限提升漏洞

SSH Tectia客户端/服务器解决方案是基于Secure Shell技术的多平台点到点通讯安全解决方案,SSH Tectia Server for IBM z/OS是其中的一个产品模块。 SSH Tectia Server安装文件时设置了不安全的访问权限,本地攻击者可能利用此漏洞提升自己的权限。 SSH Tectia Server for IBM z/OS以完全可写的权限创建文件和目录,因此本地用户可以删除、控制或替换某些文件,获得权限提升。 SSH Communications Security SSH Tectia Server for IBM z/OS 5.4.0...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/12/12 12:0 a.m.14 views

SSH Tectia Manager Agent进程本地特权提升漏洞

SSH Tectia基于SSH技术,集中管理情况下提供 安全的系统管理,安全的文件传输,安全的程序之间的连接。 SSH Tectia Manager下的管理代理程序存在漏洞,本地攻击者可以利用漏洞使用Unix管理代理以ROOT权限起用非特权进程。 只有在如下条件下可触发此问题: - 实际管理的sshd程序已经停止。 - 用户已启动自身的非特权进程两进制调用SSHD。 - 管理代理通过管理服务GUI中的管理服务"Restart"按钮来重新启动sshd服务程序。 - 通过进程列表读取信息,杀掉非特权进程sshd服务器,然后以ROOT权限重启动相同的两进制程序。...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2006/10/24 10:0 p.m.32 views

CVE-2006-5484

SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents...

6.9AI score0.01365EPSS
Exploits0References6
CVE
CVE
added 2006/10/24 10:0 p.m.64 views

CVE-2006-5484

CVE-2006-5484 describes a cryptographic flaw in SSH Tectia Client/Server/Connector (5.1.0 and earlier) and Manager (2.2.0 and earlier), where using an RSA key with exponent 3 causes PKCS#1 padding to be removed before hash generation. This enables remote attackers to forge a PKCS#1 v1.5 signature...

5CVSS8.2AI score0.01365EPSS
Exploits0References6Affected Software4
securityvulns
securityvulns
added 2006/08/25 12:0 a.m.45 views

[SA21559] SSH Tectia Management Agent Privilege Escalation

TITLE: SSH Tectia Management Agent Privilege Escalation SECUNIA ADVISORY ID: SA21559 VERIFY ADVISORY: http://secunia.com/advisories/21559/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: SSH Tectia Manager 2.x http://secunia.com/product/11677/ DESCRIPTION: A...

0.9AI score
Exploits0
NVD
NVD
added 2006/08/23 10:4 p.m.11 views

CVE-2006-4315

Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Progr...

7.2CVSS6.6AI score0.00332EPSS
Exploits0References4
NVD
NVD
added 2006/08/23 10:4 p.m.18 views

CVE-2006-4316

SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and...

7.2CVSS6.6AI score0.00346EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/08/23 10:0 p.m.23 views

CVE-2006-4316

SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and...

6.6AI score0.00346EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/08/23 10:0 p.m.18 views

CVE-2006-4315

Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Progr...

6.6AI score0.00332EPSS
Exploits0References4
CVE
CVE
added 2006/08/23 10:0 p.m.43 views

CVE-2006-4315

CVE-2006-4315 describes an unquoted Windows search path vulnerability in multiple SSH Tectia products. Affects: SSH Tectia Client/Server/Connector 5.0.0 and 5.0.1, and Client/Server prior to 4.4.5; Manager 2.12 and earlier. Root cause: unquoted paths under Windows in the application startup chain...

7.2CVSS7AI score0.00332EPSS
Exploits0References4Affected Software4
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.97 views

[SA18828] SSH Tectia Server SFTP Service Unspecified Vulnerability

TITLE: SSH Tectia Server SFTP Service Unspecified Vulnerability SECUNIA ADVISORY ID: SA18828 VERIFY ADVISORY: http://secunia.com/advisories/18828/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: SSH Secure Shell for Servers 3.x http://secunia.com/product/808/ SSH...

0.8AI score
Exploits0
CVE
CVE
added 2006/02/15 11:0 a.m.70 views

CVE-2006-0705

CVE-2006-0705 is a format-string vulnerability in SFTP/SSH logging code across multiple servers (e.g., SSH Secure Shell Server variants, and related SFTP servers). The flaw affects the handling of filenames in logs, enabling a remote authenticated user to potentially execute arbitrary commands vi...

6.5CVSS7AI score0.10188EPSS
Exploits0References15Affected Software2
Tenable Nessus
Tenable Nessus
added 2006/02/15 12:0 a.m.15 views

SSH Tectia Server SFTP Filename Logging Format String

Binary data 3432.prm...

6.5CVSS7AI score0.10188EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2006/02/15 12:0 a.m.30 views

SSH Tectia Server SFTP Filename Logging Format String

The remote host is running SSH Tectia Server, a commercial SSH server. According to its banner, the installed version of this software contains a format string vulnerability in its sftp subsystem. A remote, authenticated attacker may be able to execute arbitrary code on the affected host subject ...

6.5CVSS5.9AI score0.10188EPSS
Exploits0References2
CVE
CVE
added 2005/12/17 12:0 a.m.53 views

CVE-2005-4310

Affected product : SSH Tectia Server

7.5CVSS6.7AI score0.01404EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder