SSH Communications Secure Shell Windows客户端URLCatcher缓冲区溢出漏洞

漏洞信息详情

SSH Communications Secure Shell Windows客户端URLCatcher缓冲区溢出漏洞

• CNNVD编号：CNNVD-200211-039
• 危害等级： 超危
  
  
• CVE编号：
  CVE-2002-1645
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2002-11-25
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  ssh
• 漏洞来源：
  Vulnerability anno…

Workstations客户端3.1至3.2.0版本中SSH Secure Shell的URL catcher功能存在缓冲区溢出漏洞。远程攻击者可以借助超长URL执行任意代码。

Fixes available:
SSH Communications Security SSH2 3.1

• SSH Communications Security SSHSecureShellClient 3.1.5 English Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 French Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/francais/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 German Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/deutsch/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 Japanese Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/japanese/windows/

SSH Communications Security SSH2 3.1.1

• SSH Communications Security SSHSecureShellClient 3.1.5 English Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 French Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/francais/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 German Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/deutsch/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 Japanese Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/japanese/windows/

SSH Communications Security SSH2 3.1.2

• SSH Communications Security SSHSecureShellClient 3.1.5 English Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 French Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/francais/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 German Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/deutsch/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 Japanese Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/japanese/windows/

SSH Communications Security SSH2 3.1.3

• SSH Communications Security SSHSecureShellClient 3.1.5 English Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 French Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/francais/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 German Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/deutsch/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 Japanese Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/japanese/windows/

SSH Communications Security SSH2 3.1.4

• SSH Communications Security SSHSecureShellClient 3.1.5 English Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 French Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/francais/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 German Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/deutsch/windows/
• SSH Communications Security SSHSecureShellClient 3.1.5 Japanese Version
  
  http://ftp.ssh.com/priv/secureshell/h7cq89th/japanese/windows/

SSH Communications Security SSH2 3.2

• SSH Communications Security SSHSecureShellClient 3.2.2
  
  http://ftp.ssh.com/priv/secureshell/6g3zslpk/windows/SSHSecureShellCli
  ent.exe

来源:US-CERT Vulnerability Note: VU#140977
名称: VU#140977
链接:http://www.kb.cert.org/vuls/id/140977

来源: www.ssh.com
链接:http://www.ssh.com/company/newsroom/article/287/

来源: BID
名称: 6263
链接:http://www.securityfocus.com/bid/6263

来源: XF
名称: ssh-client-url-bo(10723)
链接:http://xforce.iss.net/xforce/xfdb/10723