PT-2018-19077 · None · Freesshd
Publicado
2018-07-10
·
Atualizado
2019-10-03
·
CVE-2018-9853
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
freeSSHd version 1.3.1
Description
The issue is related to insecure access control, allowing attackers to gain privileges of the freesshd.exe process. This can be achieved by logging in to an unprivileged account on the server.
Recommendations
For freeSSHd version 1.3.1, consider restricting access to unprivileged accounts on the server until a fix is available. As a temporary workaround, review and limit the privileges assigned to the freesshd.exe process to minimize potential damage.
Exploit
Correção
Improper Privilege Management
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Freesshd