Bugtraq mailing list archives
Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta
From: Jim Paris <jim () jtan com>
Date: Sun, 28 Jul 2002 06:14:55 -0400
Thanks (and to Jim Paris). I of course did not mean that it was OK for the client to have code injection "portholes". I just meant that the particular exploit path that was described wasn't very interesting since someone who maliciously controls the sshd to which you are speaking has so many other opportunities to exploit you.
Once again, you're wrong. "The particular exploit path that was desscribed" does _not_ require that someone can control the sshd to which you're speaking -- it only requires that someone can control your TCP/IP traffic. There's a very big difference there. Obviously, the security of your TCP/IP traffic is solved with host key verification and cryptography. But this bug in SecureCRT happens way, way before any of that takes place. -jim
Current thread:
- Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta kelli burkinshaw (Jul 23)
- <Possible follow-ups>
- Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta kelli burkinshaw (Jul 25)
- RE: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta Burton M. Strauss III (Jul 26)
- Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta Bela Lubkin (Jul 27)
- Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta Bela Lubkin (Jul 28)
- Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta Russell Harding (Jul 28)
- Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta Bela Lubkin (Jul 28)
- Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta Jim Paris (Jul 29)
- RE: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta Burton M. Strauss III (Jul 26)