FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

SSH.COM SFTP server -- format string vulnerability

Affected packages
ssh2 < 3.2.9.1_5
ssh2-nox11 < 3.2.9.1_5

Details

VuXML ID 594ad3c5-a39b-11da-926c-0800209adf0e
Discovery 2006-02-13
Entry 2006-03-04
Modified 2006-03-06

SSH Communications Security Corp reports a format string vulnerability in their SFTP server. This vulnerability could allow a user with only SCP/SFTP access to execute other commands as well. It could also allow user A to create a special file that, when accessed by user B, allows user A to execute commands as user B.

References

Bugtraq ID 16640
CVE Name CVE-2006-0705
URL http://secunia.com/advisories/18828
URL http://securitytracker.com/id?1015619
URL http://www.frsirt.com/english/advisories/2006/0554
URL http://www.ssh.com/company/newsroom/article/715/
URL http://xforce.iss.net/xforce/xfdb/24651