Full title: Tectia SSH USERAUTH Change Request Password Reset 
Category: remote exploits
Platform: multiple
This Metasploit module exploits a vulnerability in Tectia SSH server for Unix-based platforms. The bug is caused by a SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ request before password authentication, allowing any remote user to bypass the login routine, and then gain access as root.

# 0day.today @ http://0day.today/