SSH Tectia Server < 5.2.4 / 5.3.6 Local Privilege Escalation
High Nessus Network Monitor Plugin ID 4335
SynopsisThe remote host is vulnerable to a local privilege escalation flaw.
DescriptionThe remote host is running SSH Tectia Server, a commercial SSH server. According to its banner, the installed version of this software contains a local flaw in the way that it handles command line arguments to the 'ssh-signer' binary. This flaw is only relevant to Unix machines. An attacker exploiting this flaw would need local access. Successful exploitation would result in the attacker executing code as the 'root' user.
SolutionUpgrade to version 5.2.4, 5.3.6 or higher.