PT-2005-3255 · Mrv Communications · In-Reach Lx-4000S+2

Publicado

2005-07-20

Atualizado

2008-09-05

CVE-2005-2329

CVSS v2.0

4.6

Média

Vetor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S version 3.5.0

Description The issue allows remote authenticated users to access the consoles of other users when using SSH public key authentication, due to improper restriction of access to ports.

Recommendations For MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S version 3.5.0, consider restricting access to SSH public key authentication until a proper fix is available. As a temporary workaround, restrict access to the consoles of other users to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2329

Produtos afetados

In-Reach Lx-1000S

In-Reach Lx-4000S

In-Reach Lx-8000S

PT-2005-3255 · Mrv Communications · In-Reach Lx-4000S+2

CVE-2005-2329

Identificadores relacionados

Produtos afetados

Referências · 4