Vulnerabilities > CVE-2006-4315 - Privilege Escalation vulnerability in SSH Tectia Windows Path Specification

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

ssh

NVD

Published: 2006-08-23

Updated: 2017-07-20

Summary

Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.

Vulnerable Configurations

Part	Description	Count
Application	Ssh SSH Tectia Client 4.0 SSH Tectia Client 4.0.1 SSH Tectia Client 4.0.3 SSH Tectia Client 4.0.4 SSH Tectia Client 4.0.5 SSH Tectia Client 4.2 SSH Tectia Client 4.2.1 SSH Tectia Client 4.3 SSH Tectia Client 4.3.1 SSH Tectia Client 4.3.1J SSH Tectia Client 4.3.2 SSH Tectia Client 4.3.3 SSH Tectia Client 4.3.4 SSH Tectia Client 4.3.5 SSH Tectia Client 4.3.6 SSH Tectia Client 4.3.7 SSH Tectia Client 4.3.8K SSH Tectia Client 4.4 SSH Tectia Client 4.4.1 SSH Tectia Client 4.4.2 SSH Tectia Client 4.4.3 SSH Tectia Client 4.4.4 SSH Tectia Client 4.4.5 SSH Tectia Client 5.0 SSH Tectia Client 5.0.1 SSH Tectia Connector 5.0 SSH Tectia Connector 5.0.1 SSH Tectia Manager 1.3 SSH Tectia Manager 1.4 SSH Tectia Manager 2.1.2 SSH Tectia Server 4.0 SSH Tectia Server 4.0.3 SSH Tectia Server 4.0.4 SSH Tectia Server 4.0.5 SSH Tectia Server 4.2.1 SSH Tectia Server 4.3 SSH Tectia Server 4.3.1 SSH Tectia Server 4.3.2 SSH Tectia Server 4.3.3 SSH Tectia Server 4.3.4 SSH Tectia Server 4.3.5 SSH Tectia Server 4.3.6 SSH Tectia Server 4.3.7 SSH Tectia Server 4.4 SSH Tectia Server 4.4.2 SSH Tectia Server 4.4.3 SSH Tectia Server 4.4.4 SSH Tectia Server 4.4.5 SSH Tectia Server 5.0 SSH Tectia Server 5.0.1	50

Summary

Vulnerable Configurations

References