Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9
CVSSv2

CVE-2008-4726

Published: 24/10/2008 Updated: 11/10/2018
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
VMScore: 905
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 allows remote authenticated users to execute arbitrary code via a long string to the (1) open (aka SSH_FXP_OPEN), (2) unlink, (3) opendir, and other unspecified parameters.

Vulnerable Product Search on Vulmon Subscribe to Product

goodtechsystems goodtech ssh 6.4

Exploits

Exploit DB: GoodTech SSH - 'SSH_FXP_OPEN' Remote Buffer Overflow
# GoodTech SSH Remote Buffer Overflow Exploit # Written by r0ut3r - writ3r [at] gmailcom # # SSH_FXP_OPEN command contains a buffer oveflow # # All other operations are also vulnerable, opendir, unlink, etc # # 0day for 2 months :) use Net::SSH2; my $user = "root"; my $pass = "yahh"; my $ip = "127001"; my $port = 22; my $ssh2 = Net::SSH2- ...

References

CWE-119http://secunia.com/advisories/32375http://www.securityfocus.com/bid/31879http://securityreason.com/securityalert/4498http://www.vupen.com/english/advisories/2008/2895https://exchange.xforce.ibmcloud.com/vulnerabilities/46038https://www.exploit-db.com/exploits/6804http://www.securityfocus.com/archive/1/497745/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/6804/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30043cameraCVE-2023-40404CVE-2024-2793client sideCVE-2024-4469CVE-2024-3565CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook