Incapsula Protection
Printer Backdoor
Hardware malware
Nuclear Plant hacked
Java zero-day exploit
RedHack hacker
Sign up for Updates
Remote 0day Exploit for Tectia SSH Server released
on
Hacker @kingcope
critical vulnerability in Tectia SSH Server. Exploit working on SSH-2.0-6.1.9.95 SSH Tectia Server (Latest available version from www.tectia.com) that allow attacker to bypass Authentication remotely.
Description : An attacker in the possession of a valid username of an SSH Tectia installation running on UNIX (verified on AIX/Linux) can login without a password. The bug is in the “SSH USERAUTH CHANGE REQUEST” routines which are there to allow a user to change their password. A bug in the code allows an attacker to login without a password by forcing a password change request prior to authentication.Download Exploit Code : Click Here
A default installation on Linux (version 6.1.9.95 of Tectia) is vulnerable to the attack. Eric Romang posted a Demo video on Youtube, hope you will like it 
Command Source : http://goo.gl/BHqWd
About Author:
Mohit Kumar aka ‘Unix Root’ is Founder and Editor-in-chief of ‘The Hacker News’. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. His editorials always get people thinking and participating in the new and exciting world of cyber security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. His all efforts are to make internet more Secure. Follow him @ Twitter | LinkedIn | Google | Email
Tags:
0day
,
0day Exploit
,
Critical vulnerability
,
proof of concept
,
Remote exploit
,
server hacking
,
ssh exploit
,
Tectia SSH Server
,
video
,
Vulnerability
The content of – Remote 0day Exploit for Tectia SSH Server released and other Information in this article is only for Educational Purpose, provided by various legit sources and deep analysis of our Security Research Team. Please feel free to Contact us. Thank You !
Older Post
‘; var pageArea = document.getElementsByName(“pageArea”);
var blogPager = document.getElementById(“blog-pager”); if(postNum 0)
html =”;
if(blogPager)
blogPager.innerHTML = html;
} function showpageCount2(json) var thisUrl = home_page_url;
var htmlMap = new Array();
var isLablePage = thisUrl.indexOf(“/search/label/”)!=-1;
var thisLable = isLablePage ? thisUrl.substr(thisUrl.indexOf(“/search/label/”)+14,thisUrl.length) : “”;
thisLable = thisLable.indexOf(“?”)!=-1 ? thisLable.substr(0,thisLable.indexOf(“?”)) : thisLable;
var thisNum = 1;
var postNum=1;
var itemCount = 0;
var fFlag = 0;
var eFlag = 0;
var html= ”;
var upPageHtml =”;
var downPageHtml =”; var labelHtml = ‘
‘;
}else
upPageHtml = ‘
‘;
fFlag++;
} if(p==(thisNum-1))
html += ‘
‘+thisNum+’
‘;
else
if(p==0)
html = labelHtml+’1′;
else
html += ‘
‘;
} if(eFlag ==0 && p == thisNum)
downPageHtml = ‘
‘;
eFlag++;
}
} if(thisNum>1)
if(!isLablePage)
html = ”+upPageHtml+’ ‘+html +’ ‘;
else
html = ”+upPageHtml+’ ‘+html +’ ‘;
} html = ‘
Pages (‘+(postNum-1)+’)'+html; if(thisNum’; var pageArea = document.getElementsByName(“pageArea”);
var blogPager = document.getElementById(“blog-pager”); if(postNum 0)
html =”;
if(blogPager)
blogPager.innerHTML = html;
}
Loading
;
See original article:
Remote 0day Exploit for Tectia SSH Server released
Print 
PDF
