Previous articleBack to news listNext article
|
Sponsored links |
Want to become one of our authors and see your work published on ALLSeek.iNFO ?
|
| Van Dyke SecureCRT May Let Remote Users Execute Arbitrary Scripting Commands |
|---|
Categorie: Vulnerability
Posted: 2004-11-29 by ReCall
Views: 285
Source: Click here
| Current Rating: Not rated
|
|
| Details |
|---|
Description: A vulnerability was reported in SecureCRT. A remote user may be able to cause the target user to execute arbitrary scripting commands in certain cases.
Security-Assessment.com reported that a remote user can create a specially crafted telnet URL to specify an alternate directory for the configuration file (e.g., on an SMB share). The alternate configuration can specify the execution of scripting commands as part of a logon script.
The original advisory is available at:
http://www.security-assessment.com/Papers/SecureCRT_Remote_Command_Execution.pdf
Impact: A remote user can create a URL that, when loaded by the target user, will cause SecureCRT to execute arbitrary scripting commands.
Solution: The vendor has issued a fix, available at:
http://www.vandyke.com/download/securecrt/index.html
|
| Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1133
|
| User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
|
Previous articleBack to news listNext article
|
