Rooted SSH/SFTP Daemon For Android Hard Coded Credentials Authentication Bypass Vulnerability
BID:69769
Info
Rooted SSH/SFTP Daemon For Android Hard Coded Credentials Authentication Bypass Vulnerability
| Bugtraq ID: | 69769 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 02 2014 12:00AM |
| Updated: | Sep 02 2014 12:00AM |
| Credit: | Larry W. Cashdollar |
| Vulnerable: |
OSS Mobile Apps Rooted SSH/SFTP Daemon 0 |
| Not Vulnerable: | |
Discussion
Rooted SSH/SFTP Daemon For Android Hard Coded Credentials Authentication Bypass Vulnerability
Rooted SSH/SFTP Daemon for Android is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain unauthorized access or obtain sensitive information; this may lead to further attacks.
Rooted SSH/SFTP Daemon for Android is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain unauthorized access or obtain sensitive information; this may lead to further attacks.
Exploit / POC
Rooted SSH/SFTP Daemon For Android Hard Coded Credentials Authentication Bypass Vulnerability
Attackers can exploit this issue using readily available utilities.
Attackers can exploit this issue using readily available utilities.
Solution / Fix
Rooted SSH/SFTP Daemon For Android Hard Coded Credentials Authentication Bypass Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Rooted SSH/SFTP Daemon For Android Hard Coded Credentials Authentication Bypass Vulnerability
References:
References:
- Rooted SSH/SFTP Daemon - Google Play Homepage (OSS Mobile Apps)
- Rooted SSH/SFTP Daemon Default Login Credentials (Larry W. Cashdollar)