Search criteria
6 vulnerabilities found for tectia_manager by ssh
CVE-2006-5484 (GCVE-0-2006-5484)
Vulnerability from nvd – Published: 2006-10-24 22:00 – Updated: 2024-08-07 19:55
VLAI
Summary
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017060 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/22350 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/4032 | vdb-entryx_refsource_VUPEN |
| http://www.ssh.com/company/news/2006/english/secu… | x_refsource_CONFIRM |
| http://www.kb.cert.org/vuls/id/845620 | third-party-advisoryx_refsource_CERT-VN |
| http://securitytracker.com/id?1017061 | vdb-entryx_refsource_SECTRACK |
Date Public
2006-10-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:52.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017060",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017061"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017060",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017061"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017060",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"name": "http://www.ssh.com/company/news/2006/english/security/article/786/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017061"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5484",
"datePublished": "2006-10-24T22:00:00.000Z",
"dateReserved": "2006-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:55:52.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4316 (GCVE-0-2006-4316)
Vulnerability from nvd – Published: 2006-08-23 22:00 – Updated: 2024-08-07 19:06
VLAI
Summary
SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.ssh.com/company/news/2006/english/secu… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/19677 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/28159 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1016744 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/21559 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ssh-tectia-restart-privilege-escalation(28561)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/776/"
},
{
"name": "19677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19677"
},
{
"name": "28159",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28159"
},
{
"name": "1016744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016744"
},
{
"name": "21559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21559"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the \"Restart\" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user\u0027s program and restart it with root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ssh-tectia-restart-privilege-escalation(28561)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/776/"
},
{
"name": "19677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19677"
},
{
"name": "28159",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28159"
},
{
"name": "1016744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016744"
},
{
"name": "21559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21559"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the \"Restart\" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user\u0027s program and restart it with root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ssh-tectia-restart-privilege-escalation(28561)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28561"
},
{
"name": "http://www.ssh.com/company/news/2006/english/security/article/776/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/2006/english/security/article/776/"
},
{
"name": "19677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19677"
},
{
"name": "28159",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28159"
},
{
"name": "1016744",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016744"
},
{
"name": "21559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21559"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4316",
"datePublished": "2006-08-23T22:00:00.000Z",
"dateReserved": "2006-08-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4315 (GCVE-0-2006-4315)
Vulnerability from nvd – Published: 2006-08-23 22:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/19679 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1016743 | vdb-entryx_refsource_SECTRACK |
| http://www.ssh.com/company/news/2006/english/secu… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19679",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016743"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19679",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016743"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19679",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016743"
},
{
"name": "http://www.ssh.com/company/news/2006/english/security/article/775/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4315",
"datePublished": "2006-08-23T22:00:00.000Z",
"dateReserved": "2006-08-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5484 (GCVE-0-2006-5484)
Vulnerability from cvelistv5 – Published: 2006-10-24 22:00 – Updated: 2024-08-07 19:55
VLAI
Summary
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017060 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/22350 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/4032 | vdb-entryx_refsource_VUPEN |
| http://www.ssh.com/company/news/2006/english/secu… | x_refsource_CONFIRM |
| http://www.kb.cert.org/vuls/id/845620 | third-party-advisoryx_refsource_CERT-VN |
| http://securitytracker.com/id?1017061 | vdb-entryx_refsource_SECTRACK |
Date Public
2006-10-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:52.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017060",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017061"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017060",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017061"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017060",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"name": "http://www.ssh.com/company/news/2006/english/security/article/786/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017061"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5484",
"datePublished": "2006-10-24T22:00:00.000Z",
"dateReserved": "2006-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:55:52.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4316 (GCVE-0-2006-4316)
Vulnerability from cvelistv5 – Published: 2006-08-23 22:00 – Updated: 2024-08-07 19:06
VLAI
Summary
SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.ssh.com/company/news/2006/english/secu… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/19677 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/28159 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1016744 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/21559 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ssh-tectia-restart-privilege-escalation(28561)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/776/"
},
{
"name": "19677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19677"
},
{
"name": "28159",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28159"
},
{
"name": "1016744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016744"
},
{
"name": "21559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21559"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the \"Restart\" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user\u0027s program and restart it with root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ssh-tectia-restart-privilege-escalation(28561)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/776/"
},
{
"name": "19677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19677"
},
{
"name": "28159",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28159"
},
{
"name": "1016744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016744"
},
{
"name": "21559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21559"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the \"Restart\" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user\u0027s program and restart it with root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ssh-tectia-restart-privilege-escalation(28561)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28561"
},
{
"name": "http://www.ssh.com/company/news/2006/english/security/article/776/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/2006/english/security/article/776/"
},
{
"name": "19677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19677"
},
{
"name": "28159",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28159"
},
{
"name": "1016744",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016744"
},
{
"name": "21559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21559"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4316",
"datePublished": "2006-08-23T22:00:00.000Z",
"dateReserved": "2006-08-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4315 (GCVE-0-2006-4315)
Vulnerability from cvelistv5 – Published: 2006-08-23 22:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/19679 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1016743 | vdb-entryx_refsource_SECTRACK |
| http://www.ssh.com/company/news/2006/english/secu… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19679",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016743"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19679",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016743"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19679",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016743"
},
{
"name": "http://www.ssh.com/company/news/2006/english/security/article/775/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4315",
"datePublished": "2006-08-23T22:00:00.000Z",
"dateReserved": "2006-08-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}