TITLE: WRQ Reflection Secure IT SFTP Format String Vulnerability SECUNIA ADVISORY ID: SA18843 VERIFY ADVISORY: http://secunia.com/advisories/18843/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: WRQ Reflection for Secure IT UNIX Server 6.x http://secunia.com/product/8068/ F-Secure SSH for Windows 5.x http://secunia.com/product/188/ F-Secure SSH for UNIX 5.x http://secunia.com/product/8069/ F-Secure SSH for UNIX 4.x http://secunia.com/product/8076/ F-Secure SSH for UNIX 3.x http://secunia.com/product/2290/ WRQ Reflection for Secure IT Windows Server 6.x http://secunia.com/product/5642/ DESCRIPTION: A vulnerability has been reported in Reflection Secure IT, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to a format string error in the SFTP component during logging of accessed file names. This can potentially be exploited to execute arbitrary code via a file with specially crafted file name. Successful exploitation requires that a user is authenticated to the SFTP service. SOLUTION: Update to a fixed version. -- Windows Server -- Reflection for Secure IT Windows Server: Update to version 6.0 build 38. F-Secure SSH Server for Windows: Update to version 5.3 build 35. -- UNIX Server -- Reflection for Secure IT UNIX Server: Update to version 6.0.0.9. F-Secure SSH Server for UNIX: Update to version 5.0.8. PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: WRQ: http://support.wrq.com/techdocs/1882.html OTHER REFERENCES: US-CERT VU#419241: http://www.kb.cert.org/vuls/id/419241 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------