Remote 0day Exploit for Tectia SSH Server released

cd511 Remote 0day Exploit for Tectia SSH Server released



Incapsula Protection



Printer Backdoor



Hardware malware



Nuclear Plant hacked



Java zero-day exploit



RedHack hacker

Sign up for Updates



Remote 0day Exploit for Tectia SSH Server released

Author : Mohit Kumar

on

12/02/2012 08:46:00 PM

Hacker @kingcope

discovered

critical vulnerability in Tectia SSH Server. Exploit working on SSH-2.0-6.1.9.95 SSH Tectia Server (Latest available version from www.tectia.com) that allow attacker to bypass Authentication remotely.

Description : An attacker in the possession of a valid username of an SSH Tectia installation running on UNIX (verified on AIX/Linux) can login without a password. The bug is in the “SSH USERAUTH CHANGE REQUEST” routines which are there to allow a user to change their password. A bug in the code allows an attacker to login without a password by forcing a password change request prior to authentication.Download Exploit Code : Click Here

A default installation on Linux (version 6.1.9.95 of Tectia) is vulnerable to the attack. Eric Romang posted a Demo video on Youtube, hope you will like it icon smile Remote 0day Exploit for Tectia SSH Server released

Command Source : http://goo.gl/BHqWd

About Author:


Mohit Kumar
aka ‘Unix Root’ is Founder and Editor-in-chief of ‘The Hacker News’. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. His editorials always get people thinking and participating in the new and exciting world of cyber security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. His all efforts are to make internet more Secure. Follow him @ Twitter | LinkedIn | |

Tags:

,

,

,

,

,

,

,

,

,

The content of – Remote 0day Exploit for Tectia SSH Server released and other Information in this article is only for Educational Purpose, provided by various legit sources and deep analysis of our Security Research Team. Please feel free to Contact us. Thank You !
Older Post

Home

‘; var pageArea = document.getElementsByName(“pageArea”);
var blogPager = document.getElementById(“blog-pager”); if(postNum 0)
html =”;
if(blogPager)
blogPager.innerHTML = html;
} function showpageCount2(json) var thisUrl = home_page_url;
var htmlMap = new Array();
var isLablePage = thisUrl.indexOf(“/search/label/”)!=-1;
var thisLable = isLablePage ? thisUrl.substr(thisUrl.indexOf(“/search/label/”)+14,thisUrl.length) : “”;
thisLable = thisLable.indexOf(“?”)!=-1 ? thisLable.substr(0,thisLable.indexOf(“?”)) : thisLable;
var thisNum = 1;
var postNum=1;
var itemCount = 0;
var fFlag = 0;
var eFlag = 0;
var html= ”;
var upPageHtml =”;
var downPageHtml =”; var labelHtml = ‘

‘;
var thisUrl = home_page_url; htmlMap[htmlMap.length]=labelHtml;
postNum++; for(var i=pageCount-1, post; post = json.feed.entry[i]; i=i+pageCount)
var timestamp1 = post.published.$t.substring(0,19)+post.published.$t.substring(23,29);
timestamp = encodeURIComponent(timestamp1); var title = post.title.$t; if(thisUrl.indexOf(timestamp)!=-1 )
thisNum = postNum;
if(title!=”) postNum++;
htmlMap[htmlMap.length] = ‘/search/label/’+thisLable+’?updated-max=’+timestamp+’&max-results=’+pageCount; itemCount++;
} var banyaknomer = htmlMap.length;
if (json.feed.entry.length % pageCount == 0)
var banyaknomer = htmlMap.length -1 ;
postNum=postNum-1;
; for(var p =0;p=(thisNum-displayPageNum-1) && p

‘;
}else
upPageHtml = ‘

‘+ upPageWord +’

‘;
fFlag++;
} if(p==(thisNum-1))
html += ‘

‘+thisNum+’

‘;
else
if(p==0)
html = labelHtml+’1′;
else
html += ‘

‘+ (p+1) +’

‘;

} if(eFlag ==0 && p == thisNum)
downPageHtml = ‘

‘+ downPageWord +’

‘;
eFlag++;

}
} if(thisNum>1)
if(!isLablePage)
html = ”+upPageHtml+’ ‘+html +’ ‘;
else
html = ”+upPageHtml+’ ‘+html +’ ‘;

} html = ‘

Pages (‘+(postNum-1)+’)’+html; if(thisNum’; var pageArea = document.getElementsByName(“pageArea”);
var blogPager = document.getElementById(“blog-pager”); if(postNum 0)
html =”;
if(blogPager)
blogPager.innerHTML = html;
}

Loading

;

See original article:  

Remote 0day Exploit for Tectia SSH Server released


Tags: , , , , , , , , , , , , , , ,

Leave a Reply

Loading

Recent Posts

Buy VPN

Archives

netload.in
%d bloggers like this: