header-logo
Suggest Exploit
vendor:
SSH
by:
SecurityFocus
7.5
CVSS
HIGH
Remote Code Execution
78
CWE
Product Name: SSH
Affected Version From: SSH 1.2.3
Affected Version To: SSH 1.2.3
Patch Exists: YES
Related CWE: CVE-2002-0083
CPE: o:ssh:ssh:1.2.3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unix, Linux
2002

SSH (and derivatives) Remote Code Execution

It is possible for a remote user to upload files to world-writeable directories, and execute commands from world-writeable directories. In doing so, a user may be able to upload a script, and execute the script to gain access to a regular shell on the system. This would allow the user unrestricted, but unprivileged access.

Mitigation:

Restrict access to world-writeable directories.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4547/info

SSH (and derivatives) is the protocol Secure Shell protocol implementation. It is available for various operating systems, although this vulnerability affects operating systems such as Unix and Linux.

It has been reported that it is possible for a remote user to upload files to world-writeable directories, and execute commands from world-writeable directories. In doing so, a user may be able to upload a script, and execute the script to gain access to a regular shell on the system. This would allow the user unrestricted, but unprivileged access.

After uploading 'malicious' to /tmp:

ssh -l user host '/tmp/malicious'

Navigation

Suggest Exploit

Services By CQR