Published: 06/06/2008 Updated: 11/10/2018

CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8

VMScore: 860

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freesshd freesshd 1.2.1

#!/usr/bin/perl ############################################################################### # FreeSSHD 121 (Post Auth) Remote Seh Overflow freeddsshdcom/ # # Exploit based on securfrog Poc wwwmilw0rmcom/exploits/5709 # # # # ...

############################################################################### # FreeSSHD remote Buffer Overflow # # Website: freesshdcom/ # # Version:121 # # Bug: Remote Buffer Overflow ( CD) # #First chance exceptions are reported before any exception handling #This exception may be expected and handled #eax=00000001 ebx=00000000 ec ...

CWE-119 http://www.securityfocus.com/bid/29453 http://secunia.com/advisories/30498 http://www.securitytracker.com/id?1020212 http://www.vupen.com/english/advisories/2008/1711/references https://www.exploit-db.com/exploits/5751 https://www.exploit-db.com/exploits/5709 http://www.securityfocus.com/archive/1/493180/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/5751/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-2573

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect