SecureCRT SSH-1 Protocol Version String Remote Overflow

High Nessus Plugin ID 15822


The remote host has an application that is affected by a buffer overflow vulnerability.


The remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operating systems.

It has been reported that SecureCRT contains a remote buffer overflow allowing an SSH server to execute arbitrary commands via an especially long SSH1 protocol version string.


Upgrade to SecureCRT 3.2.2, 3.3.4, 3.4.6, 4.1 or newer

Plugin Details

Severity: High

ID: 15822

File Name: securecrt_remote_overflow.nasl

Version: $Revision: 1.17 $

Type: local

Agent: windows

Family: Windows

Published: 2004/11/24

Modified: 2015/01/12

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:W/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2002/07/23

Exploitable With

Metasploit (SecureCRT SSH1 Buffer Overflow)

Reference Information

CVE: CVE-2002-1059

BID: 5287

OSVDB: 4991