Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SSH Tectia Server < 5.2.4 / 5.3.6 Local Privilege Escalation

High

Synopsis

The remote host is vulnerable to a local privilege escalation flaw.

Description

The remote host is running SSH Tectia Server, a commercial SSH server. According to its banner, the installed version of this software contains a local flaw in the way that it handles command line arguments to the 'ssh-signer' binary. This flaw is only relevant to Unix machines. An attacker exploiting this flaw would need local access. Successful exploitation would result in the attacker executing code as the 'root' user.

Solution

Upgrade to version 5.2.4, 5.3.6 or higher.