CVE-2012-5975

NONE EPSS 98.3%
Published Dec 4, 2012 (13y ago) · Modified Jun 16, 2026 (2w ago)

Description

The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c.

Threat Intelligence

EPSS Exploit Probability
98.3% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-287: Improper Authentication

Affected Products 36

Vendor  Product        Version  Range
ssh     tectia_server  6.0.4    any
ssh     tectia_server  6.0.5    any
ssh     tectia_server  6.0.6    any
ssh     tectia_server  6.0.7    any
ssh     tectia_server  6.0.8    any
ssh     tectia_server  6.0.9    any
ssh     tectia_server  6.0.10   any
ssh     tectia_server  6.0.11   any
ssh     tectia_server  6.0.12   any
ssh     tectia_server  6.0.13   any
ssh     tectia_server  6.0.14   any
ssh     tectia_server  6.0.17   any
ssh     tectia_server  6.0.18   any
ssh     tectia_server  6.0.19   any
ssh     tectia_server  6.0.20.  any
ssh     tectia_server  6.1.0    any
ssh     tectia_server  6.1.1    any
ssh     tectia_server  6.1.2    any
ssh     tectia_server  6.1.3    any
ssh     tectia_server  6.1.4    any
ssh     tectia_server  6.1.5    any
ssh     tectia_server  6.1.6    any
ssh     tectia_server  6.1.7    any
ssh     tectia_server  6.1.8    any
ssh     tectia_server  6.1.9    any
ssh     tectia_server  6.1.12   any
ssh     tectia_server  6.2.0    any
ssh     tectia_server  6.2.1    any
ssh     tectia_server  6.2.2    any
ssh     tectia_server  6.2.3    any
ssh     tectia_server  6.2.4    any
ssh     tectia_server  6.2.5    any
ssh     tectia_server  6.3.0    any
ssh     tectia_server  6.3.1    any
ssh     tectia_server  6.3.2    any
linux   linux_kernel   *        any

References 4

  • archives.neohapsis.com http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0013.html
  • archives.neohapsis.com http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0065.html
  • exploit-db.com http://www.exploit-db.com/exploits/23082/
  • github.com https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/ssh/tectia_passwd_changereq.rb
    Exploit

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.