APP: SecureCRT Configuration File in TELNET URL
This signature detects TELNET URLs that specify a SecureCRT configuration folder option. SecureCRT prior to 4.1.9 contain a vulnerability that allows configurations files to contain login script information. An attacker can entice a target to open a TELNET URL that specifies an external configuration file containing an arbitrary script.
Extended Description
A remote command execution vulnerability affects Van Dyke's SecureCRT. This issue is due to a design error that allows a remote attacker to execute arbitrary script on the affected computer with the privileges of the affected application. An attacker may leverage this issue to execute arbitrary code with the privileges of the user that activated the affected application; this may facilitate privilege escalation or unauthorized access.
Affected Products
Vandyke securecrt
References
BugTraq: 11731
CVE: CVE-2004-1541
URL: http://www.vandyke.com/support/advisory/2004/11/112304.html
Short Name
APP:SECURECRT-CONF
Severity
Minor
Recommended
False
Recommended Action
None
Category
APP
Keywords
CVE-2004-1541 Configuration File SecureCRT TELNET URL bid:11731 in
Release Date
12/14/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Vandyke
CVSS Score
7.5