Jump to content
wind

SSH.com Communications SSH Tectia Authentication Bypass Remote Zeroday Exploit

By wind, in Exploituri

Recommended Posts

wind Newbie

wind

Posted
Posted

http://www.exploit-db.com/sploits/23082.zip

SSH Tectia Remote Authentication Bypass

Tectia is the commercial OpenSSH solution. The product can be found at:

SSH Key Management, Privileged Access Control, Identity and Access Governance, Data-in-Transit

An attacker in the possession of a valid username of an SSH Tectia installation running on UNIX (verified: AIX/Linux) can login without a password.

The bug is in the SSH USERAUTH CHANGE REQUEST routines which are there to allow a user to change their password. A bug in this code allows an attacker to login without a password by forcing a password change request prior to authentication.

The vulnerability has been verified on UNIX operating systems and at least on this (recent) versions:

• SSH-2.0-6.1.9.95 SSH Tectia Server (Latest available version from SSH Key Management, Privileged Access Control, Identity and Access Governance, Data-in-Transit)

• SSH-2.0-6.0.11.5 SSH Tectia Server

A default installation on Linux (version 6.1.9.95 of Tectia) is vulnerable to the attack.

Asta pare interesant, cand am chef o sa-l incerc :D.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...