[SA18843] WRQ Reflection Secure IT SFTP Format String Vulnerability

2006-02-16T00:00:00
ID SECURITYVULNS:DOC:11477
Type securityvulns
Reporter Securityvulns
Modified 2006-02-16T00:00:00

Description

TITLE: WRQ Reflection Secure IT SFTP Format String Vulnerability

SECUNIA ADVISORY ID: SA18843

VERIFY ADVISORY: http://secunia.com/advisories/18843/

CRITICAL: Moderately critical

IMPACT: System access

WHERE: >From remote

SOFTWARE: WRQ Reflection for Secure IT UNIX Server 6.x http://secunia.com/product/8068/ F-Secure SSH for Windows 5.x http://secunia.com/product/188/ F-Secure SSH for UNIX 5.x http://secunia.com/product/8069/ F-Secure SSH for UNIX 4.x http://secunia.com/product/8076/ F-Secure SSH for UNIX 3.x http://secunia.com/product/2290/ WRQ Reflection for Secure IT Windows Server 6.x http://secunia.com/product/5642/

DESCRIPTION: A vulnerability has been reported in Reflection Secure IT, which can be exploited by malicious users to compromise a vulnerable system.

The vulnerability is caused due to a format string error in the SFTP component during logging of accessed file names. This can potentially be exploited to execute arbitrary code via a file with specially crafted file name.

Successful exploitation requires that a user is authenticated to the SFTP service.

SOLUTION: Update to a fixed version.

-- Windows Server --

Reflection for Secure IT Windows Server: Update to version 6.0 build 38.

F-Secure SSH Server for Windows: Update to version 5.3 build 35.

-- UNIX Server --

Reflection for Secure IT UNIX Server: Update to version 6.0.0.9.

F-Secure SSH Server for UNIX: Update to version 5.0.8.

PROVIDED AND/OR DISCOVERED BY: Reported by vendor.

ORIGINAL ADVISORY: WRQ: http://support.wrq.com/techdocs/1882.html

OTHER REFERENCES: US-CERT VU#419241: http://www.kb.cert.org/vuls/id/419241


About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.