PT-2006-1064 · SSH+2 · SSH Tectia Server+5

Published: 2006-02-15 · Updated: 2017-07-20 · CVE-2006-0705

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions:
AttachmateWRQ Reflection for Secure IT UNIX Server versions prior to 6.0.0.9
AttachmateWRQ Reflection for Secure IT Windows Server versions prior to 6.0 build 38
F-Secure SSH Server for Windows versions prior to 5.3 build 35
F-Secure SSH Server for UNIX versions 3.0 through 5.0.8
SSH Tectia Server versions prior to 4.3.7
SSH Shell Server versions prior to 3.2.9

Description: The issue allows remote authenticated users to execute arbitrary commands via crafted filenames and the stat command, potentially leading to a breach of confidentiality, integrity, and availability of protected information. Exploitation requires a remote attacker who has already passed the authentication procedure.

Recommendations:
For AttachmateWRQ Reflection for Secure IT UNIX Server versions prior to 6.0.0.9, update to version 6.0.0.9 or later.
For AttachmateWRQ Reflection for Secure IT Windows Server versions prior to 6.0 build 38, update to version 6.0 build 38 or later.
For F-Secure SSH Server for Windows versions prior to 5.3 build 35, update to version 5.3 build 35 or later.
For F-Secure SSH Server for UNIX versions 3.0 through 5.0.8, update to a version later than 5.0.8.
For SSH Tectia Server versions prior to 4.3.7, update to version 4.3.7 or later.
For SSH Shell Server versions prior to 3.2.9, update to version 3.2.9 or later.

Fix

Use of Externally-Controlled Format String

Weakness Enumeration

Related Identifiers

BDU:2015-09523
CVE-2006-0705

Affected Products

AttachmateWRQ Reflection for Secure IT UNIX Server
AttachmateWRQ Reflection for Secure IT Windows Server
F-Secure SSH Server for UNIX
F-Secure SSH Server for Windows
SSH Shell Server
SSH Tectia Server