Vulnerability CVE-2005-2770


Published: 2005-09-02   Modified: 2012-02-12

Description:
WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) does not properly handle when the Windows Administrator or Guest accounts are renamed after SSH key authentication has been configured, which allows remote attackers to use the original names during login.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
WRQ -> Wrq reflection for secure it windows server 

 References:
http://www.kb.cert.org/vuls/id/902110
http://secunia.com/advisories/16649/
http://support.wrq.com/techdocs/1910.html
http://securitytracker.com/id?1014835

Copyright 2024, cxsecurity.com

 

Back to Top