[SA12450] NetScreen-IDP scp Directory Traversal Vulnerability
From: Secunia Security Advisories (sec-adv secunia.com)
Date: Fri Sep 03 2004 - 07:04:43 CDT
TITLE:
NetScreen-IDP scp Directory Traversal Vulnerability
SECUNIA ADVISORY ID:
SA12450
VERIFY ADVISORY:
http://secunia.com/advisories/12450/
CRITICAL:
Less critical
IMPACT:
Manipulation of data
WHERE:
From remote
OPERATING SYSTEM:
NetScreen-IDP 3.x
http://secunia.com/product/3861/
NetScreen-IDP 2.x
http://secunia.com/product/2218/
DESCRIPTION:
Juniper Networks has acknowledged an older vulnerability in OpenSSH
for NetScreen-IDP, which can potentially be exploited by malicious
people to overwrite arbitrary files on a vulnerable device.
The problem is that the scp utility doesn't perform proper input
validation on file names when transferring them. This can be
exploited to overwrite an arbitrary file with the privileges of the
user via a directory traversal attack.
Successful exploitation requires that a user connects to a malicious
SSH server and transfers a file using the scp utility.
The vulnerability affects versions 3.0r2 and prior.
SOLUTION:
Updated OpenSSH packages are available via the Juniper Networks CSC
Web Portal.
http://www.juniper.net/support/
Don't connect to untrusted SSH servers and transfer files using the
scp utility.
ORIGINAL ADVISORY:
http://www.juniper.net/support/security/alerts/adv59739.txt
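
The missing check described above, as an added example (not code from Secunia, Juniper or OpenSSH): a receiving client should treat every file name announced by the server as a single path component and refuse anything else. The record layout `C<mode> <size> <name>` / `D<mode> 0 <name>` is the scp wire format; the struct and function names are hypothetical and the sample records are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct scp_record {              /* one control record sent by the server */
    char type;                   /* 'C' = file, 'D' = directory */
    unsigned mode;               /* permission bits (octal on the wire) */
    unsigned long long size;
    char name[256];
};

/* A server-supplied name must be a single component of the target dir. */
static int scp_name_is_safe(const char *name)
{
    if (name[0] == '\0' || strchr(name, '/') != NULL) return 0;
    return strcmp(name, ".") != 0 && strcmp(name, "..") != 0;
}

/* Parse "C0644 12 name" / "D0755 0 name" (trailing newline stripped).
 * Returns 0 if the record is accepted, -1 if it must be refused. */
int scp_parse_record(const char *line, struct scp_record *out)
{
    char *end;
    if (line[0] != 'C' && line[0] != 'D') return -1;
    for (int i = 1; i <= 4; i++)                 /* four octal digits */
        if (line[i] < '0' || line[i] > '7') return -1;
    if (line[5] != ' ' || line[6] < '0' || line[6] > '9') return -1;
    out->type = line[0];
    out->mode = (unsigned)strtoul(line + 1, NULL, 8);
    out->size = strtoull(line + 6, &end, 10);
    if (*end != ' ') return -1;
    const char *name = end + 1;
    if (strlen(name) >= sizeof out->name || !scp_name_is_safe(name))
        return -1;                               /* traversal or oversize */
    strcpy(out->name, name);
    return 0;
}

int main(void)
{
    /* Constructed sample records, not captured traffic. */
    const char *samples[] = { "C0644 12 report.txt", "C0644 12 ../../etc/motd",
                              "D0755 0 ..", "C0644 12 /tmp/x" };
    struct scp_record r;
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        printf("%-26s %s\n", samples[i],
               scp_parse_record(samples[i], &r) == 0 ? "accept" : "REFUSE");
    return 0;
}
```

Only the first sample is accepted; the other three are refused before any local path is built from the name.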
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------