Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1059

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1059
Last Modified 05 Sep 2008 04:29:40
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1059

Summary

Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.

Vulnerable Systems

Application

  • Van Dyke Technologies Securecrt 2.4

  • Van Dyke Technologies Securecrt 3.0

  • Van Dyke Technologies Securecrt 3.1

  • Van Dyke Technologies Securecrt 3.1.1

  • Van Dyke Technologies Securecrt 3.1.2

  • Van Dyke Technologies Securecrt 3.2

  • Van Dyke Technologies Securecrt 3.2.1

  • Van Dyke Technologies Securecrt 3.3

  • Van Dyke Technologies Securecrt 3.3.1

  • Van Dyke Technologies Securecrt 3.3.2

  • Van Dyke Technologies Securecrt 3.3.3

  • Van Dyke Technologies Securecrt 3.4

  • Van Dyke Technologies Securecrt 3.4.1

  • Van Dyke Technologies Securecrt 3.4.2

  • Van Dyke Technologies Securecrt 3.4.3

  • Van Dyke Technologies Securecrt 3.4.4

  • Van Dyke Technologies Securecrt 3.4.5

  • Van Dyke Technologies Securecrt 4.0 Beta 1

  • Van Dyke Technologies Securecrt 4.0 Beta 2


References

BID - 5287

XF - securecrt-ssh1-identifier-bo(9650)

CONFIRM - http://www.vandyke.com/products/securecrt/security07-25-02.html

OSVDB - 4991

BUGTRAQ - 20020723 Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT

BUGTRAQ - 20020723 Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta


Last Updated: 27 May 2016 10:37:10