Van Dyke SecureCRT远程命令执行漏洞

漏洞信息详情

Van Dyke SecureCRT远程命令执行漏洞

• CNNVD编号：CNNVD-200412-310
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2004-1541
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2004-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-06-15
  
• 厂        商：
  
  van_dyke_technologies
• 漏洞来源：
  .’);”>Discovery of this …

SecureCRT 4.0，4.1，可能还有其他版本存在漏洞。远程攻击者借助telnet：// URL执行任意命令，该telnet：// URL使用/F选项指定samba分享中的配置文件。

Van Dyke has released version 4.1.9 of the affected software dealing with this issue.
Van Dyke has made an advisory available regarding this issue. Please see the reference section for more information.
Van Dyke Technologies SecureCRT 4.0.1

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.0.2

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.0.3

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.0.4

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.0.5

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1.1

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1.2

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1.3

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1.4

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1.5

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1.6

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1.7

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

Van Dyke Technologies SecureCRT 4.1.8

• Van Dyke Technologies SecureCRT 4.1.9
  
  http://www.vandyke.com/download/securecrt/index.html

来源: XF
名称: securecrt-folder-command-execution(18201)
链接:http://xforce.iss.net/xforce/xfdb/18201

来源: BID
名称: 11731
链接:http://www.securityfocus.com/bid/11731

来源: SECUNIA
名称: 13275
链接:http://secunia.com/advisories/13275/

来源: BUGTRAQ
名称: 20041123 SecureCRT – Remote Command Execution
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=110129164332226&w=2