VanDyke.SecureCRT.SSH1.Identifier.Buffer.Overflow

Description

Indicates a possible exploit of a buffer overflow vulnerability in Van Dyke Technologies SecureCRT.


SecureCRT is a terminal emulator that supports the SSH protocol for securely accessing devices and host computers. A buffer overflow vulnerability has been reported in it that may allow an attacker to execute arbitrary code on the vulnerable SecureCRT client machine. The flaw is caused by the SecureCRT client failing to bounds-check the initial SSH1 server response. An attacker may exploit it by sending a long string in the server version and identifier data, overflowing the buffer and executing arbitrary code on the vulnerable system.
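The missing check described above, shown as a bounded parser for the server's first line. This is an added example, not VanDyke's code: the function and type names are hypothetical, and the 255-byte bound is an assumption borrowed from the SSH-2 identification-string limit in RFC 4253.

```c
#include <stdio.h>
#include <string.h>
#define IDENT_MAX 255  /* assumed bound: RFC 4253 limit for SSH-2 identification strings */
enum ident_status { IDENT_OK, IDENT_INCOMPLETE, IDENT_TOO_LONG, IDENT_MALFORMED };
struct ssh_ident { int major, minor; char software[IDENT_MAX + 1]; };

/* Read 1-4 decimal digits starting at p[*i]; returns 0 on success. */
static int read_num(const unsigned char *p, size_t n, size_t *i, int *val)
{
    size_t start = *i;
    int v = 0;
    while (*i < n && *i - start < 4 && p[*i] >= '0' && p[*i] <= '9')
        v = v * 10 + (p[(*i)++] - '0');
    *val = v;
    return *i == start ? -1 : 0;
}

/* Parse "SSH-<major>.<minor>-<software>\n" from the first bytes the server sent. */
enum ident_status parse_server_ident(const unsigned char *buf, size_t len,
                                     struct ssh_ident *out)
{
    size_t limit = len < IDENT_MAX ? len : IDENT_MAX;
    const unsigned char *nl = memchr(buf, '\n', limit);
    if (nl == NULL)  /* never scan or copy past the bound while waiting for '\n' */
        return len >= IDENT_MAX ? IDENT_TOO_LONG : IDENT_INCOMPLETE;
    size_t n = (size_t)(nl - buf), i = 4;
    if (n > 0 && buf[n - 1] == '\r') n--;  /* tolerate CR LF line endings */
    if (n < 4 || memcmp(buf, "SSH-", 4) != 0)
        return IDENT_MALFORMED;
    if (read_num(buf, n, &i, &out->major) || i >= n || buf[i++] != '.')
        return IDENT_MALFORMED;
    if (read_num(buf, n, &i, &out->minor) || i >= n || buf[i++] != '-')
        return IDENT_MALFORMED;
    for (size_t k = i; k < n; k++)  /* accept printable ASCII only */
        if (buf[k] < 0x20 || buf[k] > 0x7e)
            return IDENT_MALFORMED;
    memcpy(out->software, buf + i, n - i);  /* n - i < IDENT_MAX by construction */
    out->software[n - i] = '\0';
    return IDENT_OK;
}

int main(void)
{
    const unsigned char banner[] = "SSH-1.5-1.2.27\n";  /* constructed sample */
    struct ssh_ident id;
    enum ident_status st = parse_server_ident(banner, sizeof banner - 1, &id);
    printf("status=%d proto=%d.%d software=%s\n", st, id.major, id.minor, id.software);
    return 0;
}
```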

Affected Products

Van Dyke Technologies SecureCRT 2.x, 3.x, 4.0 beta 2 and earlier versions.

Impact

Compromise of the affected system.

Recommended Actions

Upgrade according to the following vendor recommendation: http://www.vandyke.com/products/securecrt/security07-25-02.html

Coverage

IPS (Regular DB)
IPS (Extended DB)
