CVE-2006-4315

CVSS 7.2 - HIGH

Description

Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.

Affected Products

Vendor	Product	Version
ssh	tectia_client	`4.0`
ssh	tectia_client	`4.0.1`
ssh	tectia_client	`4.0.3`
ssh	tectia_client	`4.0.4`
ssh	tectia_client	`4.0.5`
ssh	tectia_client	`4.2`
ssh	tectia_client	`4.2.1`
ssh	tectia_client	`4.3`
ssh	tectia_client	`4.3.1`
ssh	tectia_client	`4.3.1j`
ssh	tectia_client	`4.3.2`
ssh	tectia_client	`4.3.3`
ssh	tectia_client	`4.3.4`
ssh	tectia_client	`4.3.5`
ssh	tectia_client	`4.3.6`
ssh	tectia_client	`4.3.7`
ssh	tectia_client	`4.3.8k`
ssh	tectia_client	`4.4`
ssh	tectia_client	`4.4.1`
ssh	tectia_client	`4.4.2`
ssh	tectia_client	`4.4.3`
ssh	tectia_client	`4.4.4`
ssh	tectia_client	`4.4.5`
ssh	tectia_client	`5.0`
ssh	tectia_client	`5.0.1`
ssh	tectia_connector	`5.0`
ssh	tectia_connector	`5.0.1`
ssh	tectia_manager	`1.3`
ssh	tectia_manager	`1.4`
ssh	tectia_manager	`2.1.2`
ssh	tectia_server	`4.0`
ssh	tectia_server	`4.0.3`
ssh	tectia_server	`4.0.4`
ssh	tectia_server	`4.0.5`
ssh	tectia_server	`4.2.1`
ssh	tectia_server	`4.3`
ssh	tectia_server	`4.3.1`
ssh	tectia_server	`4.3.2`
ssh	tectia_server	`4.3.3`
ssh	tectia_server	`4.3.4`
ssh	tectia_server	`4.3.5`
ssh	tectia_server	`4.3.6`
ssh	tectia_server	`4.3.7`
ssh	tectia_server	`4.4`
ssh	tectia_server	`4.4.2`
ssh	tectia_server	`4.4.3`
ssh	tectia_server	`4.4.4`
ssh	tectia_server	`4.4.5`
ssh	tectia_server	`5.0`
ssh	tectia_server	`5.0.1`