|
|
|
Vulnerability Note VU#814198SSH Tectia Server contains a race condition when the password change plugin is enabledOverviewSSH Tectia Server contains a race condition that may permit an authenticated user access to the private key of the server. Exploitation of this vulnerability may lead to the ability to compromise the trust relationships of the vulnerable server.I. DescriptionSSH Tectia Server versions 4.0.3 and 4.0.4 for Unix contain a race condition vulnerability when the password change plugin (ssh-passwd-plugin) is enabled. Note that the password change plugin is disabled by default. Versions 4.0.3 and 4.0.4 of SSH Tectia Server running on the following platforms are affected:
II. ImpactExploitation of this vulnerability may lead to the ability of an authenticated user with shell access to gain access to the private key of the server, thus compromising the trust relationships of the vulnerable server.III. SolutionUpgrading to 4.0.5. If a host has been running a vulnerable version of SSH Tectia, configured to use the password change plugin and the users have had shell access, SSH recommends that the hostkeys be regenerated after upgrading.Disabling the AuthPassword.ChangePlugin configuration option will mitigate this vulnerability.
References
Thanks to SSH Communications for reporting this vulnerability. This document was written by Jason A Rafail and is based on the information provided by SSH Communications.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
Get Adobe Reader