Signature Detail
Short Name |
APP:SECURECRT-CONF |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
APP |
Keywords |
SecureCRT Configuration File in TELNET URL |
Release Date |
2004/12/13 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: SecureCRT Configuration File in TELNET URL
This signature detects TELNET URLs that specify a SecureCRT configuration folder option. SecureCRT prior to 4.1.9 contain a vulnerability that allows configurations files to contain login script information. An attacker can entice a target to open a TELNET URL that specifies an external configuration file containing an arbitrary script.
Extended Description
A remote command execution vulnerability affects Van Dyke's SecureCRT. This issue is due to a design error that allows a remote attacker to execute arbitrary script on the affected computer with the privileges of the affected application. An attacker may leverage this issue to execute arbitrary code with the privileges of the user that activated the affected application; this may facilitate privilege escalation or unauthorized access.
Affected Products
- VanDyke SecureCRT 4.0.1
- VanDyke SecureCRT 4.0.2
- VanDyke SecureCRT 4.0.3
- VanDyke SecureCRT 4.0.4
- VanDyke SecureCRT 4.0.5
- VanDyke SecureCRT 4.1.0
- VanDyke SecureCRT 4.1.1
- VanDyke SecureCRT 4.1.2
- VanDyke SecureCRT 4.1.3
- VanDyke SecureCRT 4.1.4
- VanDyke SecureCRT 4.1.5
- VanDyke SecureCRT 4.1.6
- VanDyke SecureCRT 4.1.7
- VanDyke SecureCRT 4.1.8
References
- BugTraq: 11731
- CVE: CVE-2004-1541
- URL: http://www.vandyke.com/support/advisory/2004/11/112304.html