Vulnerabilities > CVE-2001-0155 - Unspecified vulnerability in VAN Dyke Technologies Vshell

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

van-dyke-technologies

NVD

Published: 2001-06-02

Updated: 2008-09-05

Summary

Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers.

Vulnerable Configurations

Part	Description	Count
Application	Van_Dyke_Technologies VAN Dyke Technologies Vshell *	1

References

http://www.atstake.com/research/advisories/2001/a021601-1.txt
http://www.vandyke.com/products/vshell/security102.html