tectia software vulnerabilities
vulnerabilities.aspcode.net
Searching tectia software vulnerabilities
Race condition in SSH Tectia Server 4.0.3 and 4
condition
|
Tectia
|
Server
|
Race
|
SSH
|
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
SSH Tectia Server 4.3.1 and earlier, and SSH Se
Server
|
Tectia
|
SSH
|
SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server.
Format string vulnerability in a logging functi
vulnerability
|
including
|
function
|
various
|
servers
|
logging
|
string
|
Format
|
used
|
SFTP
|
Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH Server for UNIX 3.0 through 5.0.8, (5) SSH Tectia Server 4.3.6 and earlier and 4.4.0, and (6) SSH Shell Server 3.2.9 and earlier, allows remote authenticated users to execute arbitrary commands via unspecified vectors, involving crafted filenames and the stat command.
Unquoted Windows search path vulnerability in m
Client/Server/Connector
|
vulnerability
|
including
|
multiple
|
products
|
Unquoted
|
Windows
|
search
|
Tectia
|
path
|
SSH
|
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.
SSH Tectia Management Agent 2.1.2 allows local
Management
|
Tectia
|
Agent
|
SSH
|
SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges.
SSH Tectia Client/Server/Connector 5.1.0 and ea
Client/Server/Connector
|
Tectia
|
SSH
|
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
SSH Tectia Server for IBM z/OS before 5.4.0 use
Server
|
before
|
Tectia
|
z/OS
|
SSH
|
IBM
|
SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for (1) the server pid file, which allows local users to cause arbitrary processes to be stopped, or (2) when _BPX_BATCH_UMASK is missing from the environment, creates HFS files with insecure permissions, which allows local users to read or modify these files and have other unknown impact.
Software vulnerabilities results 1 to 8 of 8
Page:
1