Overview
The Windows version of SSH Secure Shell for Workstations contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code.
Description
The SSH Secure Shell for Workstations client includes a URL-handling feature that allows users to launch URLs that appear in the terminal window. When the user clicks on a URL, it will be launched using their default browser. Versions 3.1 to 3.2.0 of this application contain a buffer overflow vulnerability that is triggered when the launched URL is approximately 500 characters or greater in length. To exploit this vulnerability, an attacker must supply a malicious URL to a terminal session and convince the victim to launch it.
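The kind of bounds check that keeps a URL taken from terminal text inside a fixed buffer, as an added example (this is not the vendor's code or patch). The helper name `extract_url`, the 512-byte capacity and the accepted schemes are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define URL_BUF_SIZE 512 /* assumed capacity, chosen for illustration */

enum url_status { URL_OK, URL_TOO_LONG, URL_BAD_SCHEME };

/* A URL in terminal text ends at whitespace, a control byte or DEL. */
static int ends_url(unsigned char c) { return c <= 0x20 || c == 0x7f; }

/*
 * Hypothetical helper: copy the URL starting at `text` into `out` (capacity
 * `cap`). The length is measured before anything is copied, so an overlong
 * URL is rejected rather than truncated or written past the buffer.
 */
enum url_status extract_url(const char *text, char *out, size_t cap)
{
    static const char *const schemes[] = { "http://", "https://", "ftp://" };
    size_t i, len = 0;
    int known = 0;

    if (cap == 0)
        return URL_TOO_LONG;
    out[0] = '\0';

    for (i = 0; i < sizeof schemes / sizeof schemes[0]; i++)
        if (strncmp(text, schemes[i], strlen(schemes[i])) == 0)
            known = 1;
    if (!known)
        return URL_BAD_SCHEME;

    while (!ends_url((unsigned char)text[len]))   /* NUL (0x00) also ends it */
        if (++len >= cap)                         /* no room for terminator */
            return URL_TOO_LONG;

    memcpy(out, text, len);
    out[len] = '\0';
    return URL_OK;
}

int main(void)
{
    char out[URL_BUF_SIZE];
    /* constructed sample of terminal output */
    const char *line = "https://example.com/docs for details";
    if (extract_url(line, out, sizeof out) == URL_OK)
        printf("would launch: %s\n", out);
    return 0;
}
```

Rejecting an overlong URL outright, instead of truncating it, also avoids launching a different address than the one displayed in the terminal.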
Impact
This vulnerability allows an attacker to execute arbitrary code by convincing an unsuspecting user to click on a malicious URL.
Solution
Apply a patch
Acknowledgements
The CERT/CC thanks SSH Communications Security for reporting this vulnerability.
This document was written by Jeffrey P. Lanza.
Other Information
CVE IDs: None
Severity Metric: 1.60
Date Public: 2002-11-25
Date First Published: 2002-12-04
Date Last Updated: 2002-12-13 23:50 UTC
Document Revision: 16