| VID |
14042 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
SSH |
| Detailed Description |
A version of Reflection for Secure IT Server which is older than 6.0 Build 24 has been installed on the host. AttachmateWRQ Reflection for Secure IT Windows Server (formerly known as F-Secure SSH Server for Windows) versions prior to 6.0 Build 24 running on Microsoft Windows platforms are vulnerable to multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive information, or by malicious users to bypass certain security restrictions.
* Note: This check solely relied on the banner of the remote SSH server to assess this vulnerability, so this might be a false positive.
* References:
http://support.wrq.com/techdocs/1867.html
http://support.wrq.com/techdocs/1910.html
http://www.securitytracker.com/alerts/2005/Sep/1014835.html
http://www.kb.cert.org/vuls/id/758054
http://www.kb.cert.org/vuls/id/902110
http://secunia.com/advisories/16649/
* Platforms Affected:
WRQ Reflection for Secure IT Windows Server versions prior to 6.0 Build 24
F-Secure SSH Server for Windows Any version
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Reflection for Secure IT Windows Server (6.0 Build 24 or later), as listed in WRQ Support Technical Note 1867 at http://support.wrq.com/techdocs/1867.html |
| Related URL |
CVE-2005-2770,CVE-2005-2771 (CVE) |
| Related URL |
14733,14734,14735 (SecurityFocus) |
| Related URL |
22123,22125,22131 (ISS) |
|
