9.3
CVSSv2

CVE-2012-6066

Published: 04/12/2012 Updated: 21/11/2024

Vulnerability Summary

freeSSHd.exe in freeSSHd up to and including 1.2.6 allows remote malicious users to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

Vulnerable Product Search on Vulmon Subscribe to Product

freesshd freesshd

freesshd freesshd 1.2.1

freesshd freesshd 1.2.2

Exploits

FreeFTPD all versions Remote System Level Exploit Zero-Day -- No username needed, straightforward rooting! Discovered & Exploited By Kingcope Year 2011 -- githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/23079zip Example banner: WeOnlyDo-wodFTPD 236165 This package includes all you need to successfully r ...
FreeSSHD all version Remote Authentication Bypass ZERODAY Discovered & Exploited by Kingcope Year 2011 # Exploit-DB Mirror: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/23080zip Run like: sshexe -l<valid username> <host> valid username might be: root admin administrator webadmin sysadmin ...
require 'msf/core' require 'tempfile' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::EXE def initialize(info={}) super(update_info(info, 'Name' => "Freesshd Authentication Bypass", 'Description' => %q{ This module exploits a vulnerabil ...

Github Repositories

FreeSSHD Remote Authentication Bypass Vulnerability (freeSSHd 2.1.3)

CVE-2012-6066 FreeSSHD Remote Authentication Bypass Vulnerability (freeSSHd 213) Version check : nmap -A