CVE-2019-25590
Denial of Service in Axessh 4.2 via Log Filename Buffer Overflow
Publication date: 2026-03-22
Last updated on: 2026-03-22
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| axessh | axessh | 4.2 |
| axessh | axessh | to 4.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1282 | Immutable data, such as a first-stage bootloader, device identifiers, and "write-once" configuration settings are stored in writable memory that can be re-programmed or updated in the field. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25590 is a denial of service vulnerability in Axessh version 4.2 and earlier. It occurs due to a flaw in the logging configuration where local attackers can crash the application by supplying an excessively long string in the log file name field.
When session logging is enabled, an attacker can input a buffer of 500 or more characters into the log file name parameter, which triggers a crash during the establishment of a Telnet connection.
This vulnerability is classified under CWE-1282, involving assumed-immutable data being stored in writable memory.
How can this vulnerability impact me? :
This vulnerability can cause a denial of service by crashing the Axessh application when an attacker supplies an excessively long log file name string.
As a result, legitimate users may be unable to establish Telnet connections or use the affected service, leading to service disruption.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the Axessh application version 4.2 or earlier is running with session logging enabled.
To test for the vulnerability, an attacker or tester can attempt to establish a Telnet connection while supplying an excessively long string (500 or more characters) in the log file name parameter to see if the application crashes.
Since the vulnerability is triggered locally by providing a long string in the log file name, detection commands would involve interacting with the Axessh configuration or logs to verify if such long strings are accepted or cause crashes.
- Check Axessh version: `axessh --version` or equivalent command to confirm version 4.2 or earlier.
- Verify if session logging is enabled in the Axessh configuration files.
- Attempt to establish a Telnet connection with a crafted log file name parameter containing 500+ characters to observe if the application crashes.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling session logging in Axessh to prevent attackers from exploiting the log file name parameter.
Alternatively, restrict or sanitize the input length for the log file name parameter to prevent excessively long strings from being processed.
If possible, upgrade Axessh to a version later than 4.2 where this vulnerability is fixed.
Limit local user access to the system running Axessh to reduce the risk of local attackers exploiting this vulnerability.