SSH RSAREF Library Multiple Functions Local Overflow

high Nessus Plugin ID 10269

Synopsis

The remote SSH server may allow execution of arbitrary code.

Description

The remote SSH server is version 1.2.27 or earlier.

If this version was compiled against the RSAREF library, then it is likely to be vulnerable to a buffer overflow that a remote attacker could exploit to gain root privileges on the affected system.

To determine if you compiled ssh against the RSAREF library, type 'ssh
-V' on the remote host.

Solution

Either re-compile ssh to avoid using the RSAREF library or upgrade to SSH 2.x or later.

See Also

https://seclists.org/bugtraq/1999/Dec/22

Plugin Details

Severity: High

ID: 10269

File Name: ssh_overflow.nasl

Version: 1.34

Type: remote

Family: Misc.

Published: 11/11/1999

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/1/1999

Reference Information

CVE: CVE-1999-0834

BID: 843