Pragma FortressSSH SSH_MSG_KEXINIT Remote Buffer Overflow Vulnerability
BID:17991
CVE-2006-2421 |Info
Pragma FortressSSH SSH_MSG_KEXINIT Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 17991 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 16 2006 12:00AM |
| Updated: | May 17 2006 07:24PM |
| Credit: | Discovery is credited to Gerry Eisenhaur. |
| Vulnerable: |
Pragma Systems FortressSSH 4.0.7 .20 |
| Not Vulnerable: | |
Discussion
Pragma FortressSSH SSH_MSG_KEXINIT Remote Buffer Overflow Vulnerability
A remote buffer-overflow vulnerability exits in FortressSSH.
This issue may permit remote code execution in vulnerable servers. A complete compromise leading to SYSTEM level access may be possible.
FortressSSH 4.0.7.20 is reported vulnerable. Other versions may be affected as well.
A remote buffer-overflow vulnerability exits in FortressSSH.
This issue may permit remote code execution in vulnerable servers. A complete compromise leading to SYSTEM level access may be possible.
FortressSSH 4.0.7.20 is reported vulnerable. Other versions may be affected as well.
Exploit / POC
Pragma FortressSSH SSH_MSG_KEXINIT Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Pragma FortressSSH SSH_MSG_KEXINIT Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
References
Pragma FortressSSH SSH_MSG_KEXINIT Remote Buffer Overflow Vulnerability
References:
References:
- FortressSSH Homepage (Pragma Systems)