SB2020012324 - Multiple vulnerabilities in mysecureshell
Published: January 23, 2020 Updated: August 8, 2020
Security Bulletin ID
SB2020012324
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Resource exhaustion (CVE-ID: CVE-2013-4175)
The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.
MySecureShell 1.31 has a Local Denial of Service Vulnerability
2) Information disclosure (CVE-ID: CVE-2013-4176)
The vulnerability allows a local authenticated user to gain access to sensitive information.
mysecureshell 1.31: Local Information Disclosure Vulnerability
Remediation
Install update from vendor's website.