PT-2005-3255 · Mrv Communications · In-Reach Lx-4000S+2

Published

2005-07-20

Updated

2008-09-05

CVE-2005-2329

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S version 3.5.0

Description The issue allows remote authenticated users to access the consoles of other users when using SSH public key authentication, due to improper restriction of access to ports.

Recommendations For MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S version 3.5.0, consider restricting access to SSH public key authentication until a proper fix is available. As a temporary workaround, restrict access to the consoles of other users to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2329

Affected Products

In-Reach Lx-1000S

In-Reach Lx-4000S

In-Reach Lx-8000S

PT-2005-3255 · Mrv Communications · In-Reach Lx-4000S+2

CVE-2005-2329

Related Identifiers

Affected Products

References · 4