CVE-2008-0096

Georgia SoftWorks SSH2 Server < 7.01.0003 - Remote Code Execution via Long Username or Password

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0096. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The provided text describes multiple remote code-execution vulnerabilities (format-string and buffer-overflow) in Georgia SoftWorks Secure Shell Server 7.01.0003. It references ExploitDB and a GitLab link for the exploit but does not contain actual exploit code.

Description

Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow remote attackers to execute arbitrary code via a (1) a long username, which triggers an overflow in the log function; or (2) a long password.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textremotelinux

https://www.exploit-db.com/exploits/30971

View Code ZIP pw:eip

The provided text describes multiple remote code-execution vulnerabilities (format-string and buffer-overflow) in Georgia SoftWorks Secure Shell Server 7.01.0003. It references ExploitDB and a GitLab link for the exploit but does not contain actual exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Georgia SoftWorks Secure Shell Server 7.01.0003

No auth needed

Prerequisites: Network access to the vulnerable server · Vulnerable version of Georgia SoftWorks Secure Shell Server

MITRE ATT&CK