Gain a shell remotely : SSH Multiple Vulns

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.11195

Categoría: Gain a shell remotely

Título: SSH Multiple Vulns

Resumen: According to its banner, the remote SSH server is vulnerable to one or; more of the following vulnerabilities:;; CVE-2002-1357 (incorrect length);; CVE-2002-1358 (lists with empty elements/empty strings);; CVE-2002-1359 (large packets and large fields);; CVE-2002-1360 (string fields with zeros)

Descripción: Summary:
According to its banner, the remote SSH server is vulnerable to one or
more of the following vulnerabilities:

CVE-2002-1357 (incorrect length)

CVE-2002-1358 (lists with empty elements/empty strings)

CVE-2002-1359 (large packets and large fields)

CVE-2002-1360 (string fields with zeros)

Vulnerability Impact:
Some of these vulnerabilities may allow remote attackers to execute
arbitrary code with the privileges of the SSH process, usually root.

Solution:
Upgrade your SSH server to an unaffected version.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2002-1357
BugTraq ID: 6405
http://www.securityfocus.com/bid/6405
http://www.cert.org/advisories/CA-2002-36.html
CERT/CC vulnerability note: VU#389665
http://www.kb.cert.org/vuls/id/389665
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849
http://securitytracker.com/id?1005812
http://securitytracker.com/id?1005813
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html
XForce ISS Database: ssh-transport-length-bo(10868)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10868
Common Vulnerability Exposure (CVE) ID: CVE-2002-1358
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721
Common Vulnerability Exposure (CVE) ID: CVE-2002-1359
BugTraq ID: 6407
http://www.securityfocus.com/bid/6407
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848
XForce ISS Database: ssh-transport-multiple-bo(10870)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10870
Common Vulnerability Exposure (CVE) ID: CVE-2002-1360
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797

Copyright Copyright (C) 2002 Paul Johnston, Westpoint Ltd

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.11195
Categoría:	Gain a shell remotely
Título:	SSH Multiple Vulns
Resumen:	According to its banner, the remote SSH server is vulnerable to one or; more of the following vulnerabilities:;; CVE-2002-1357 (incorrect length);; CVE-2002-1358 (lists with empty elements/empty strings);; CVE-2002-1359 (large packets and large fields);; CVE-2002-1360 (string fields with zeros)
Descripción:	Summary: According to its banner, the remote SSH server is vulnerable to one or more of the following vulnerabilities: CVE-2002-1357 (incorrect length) CVE-2002-1358 (lists with empty elements/empty strings) CVE-2002-1359 (large packets and large fields) CVE-2002-1360 (string fields with zeros) Vulnerability Impact: Some of these vulnerabilities may allow remote attackers to execute arbitrary code with the privileges of the SSH process, usually root. Solution: Upgrade your SSH server to an unaffected version. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1357 BugTraq ID: 6405 http://www.securityfocus.com/bid/6405 http://www.cert.org/advisories/CA-2002-36.html CERT/CC vulnerability note: VU#389665 http://www.kb.cert.org/vuls/id/389665 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849 http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html XForce ISS Database: ssh-transport-length-bo(10868) https://exchange.xforce.ibmcloud.com/vulnerabilities/10868 Common Vulnerability Exposure (CVE) ID: CVE-2002-1358 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721 Common Vulnerability Exposure (CVE) ID: CVE-2002-1359 BugTraq ID: 6407 http://www.securityfocus.com/bid/6407 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848 XForce ISS Database: ssh-transport-multiple-bo(10870) https://exchange.xforce.ibmcloud.com/vulnerabilities/10870 Common Vulnerability Exposure (CVE) ID: CVE-2002-1360 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797
Copyright	Copyright (C) 2002 Paul Johnston, Westpoint Ltd