LSH Daemon < 1.4.3 / 1.5.3 lshd Remote Overflow

critical Nessus Plugin ID 11843

Language:

Synopsis

The remote SSH server is affected by a buffer overflow vulnerability.

Description

According to its banner, the version of LSH (a free replacement for SSH) is a version prior to 1.4.3 / 1.5.3. It is, therefore, affected by a buffer overflow vulnerability due to improper handling of user input to the 'read_line.c', 'channel_commands.c', and 'client_keyexchange.c' source files that could allow an attacker to execute arbitrary code or cause a denial of service.

Solution

Upgrade to LSH 1.4.3 / 1.5.3 or later.

See Also

https://seclists.org/bugtraq/2003/Sep/298

https://seclists.org/bugtraq/2003/Sep/314

Plugin Details

Severity: Critical

ID: 11843

File Name: lsh_overflow.nasl

Version: 1.15

Type: remote

Family: Misc.

Published: 9/19/2003

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:gnu:lsh

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/20/2003

Vulnerability Publication Date: 9/20/2003

Reference Information

CVE: CVE-2003-0826

BID: 8655

SuSE: SUSE-SA:2003:041