SecureCRT SSH-1 Protocol Version String Remote Overflow
High Nessus Plugin ID 15822
SynopsisThe remote host has an application that is affected by a buffer overflow vulnerability.
DescriptionThe remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operating systems.
It has been reported that SecureCRT contains a remote buffer overflow allowing an SSH server to execute arbitrary commands via an especially long SSH1 protocol version string.
SolutionUpgrade to SecureCRT 3.2.2, 3.3.4, 3.4.6, 4.1 or newer