Freesshd

Freesshd

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-0723

Exploit
  • EPSS 0.94%
  • Veröffentlicht 19.01.2024 17:15:08
  • Zuletzt bearbeitet 21.11.2024 08:47:13

A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed t...

9.8

CVE-2018-9853

  • EPSS 0.36%
  • Veröffentlicht 10.07.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:48

Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server.

7.8

CVE-2017-1000475

Exploit
  • EPSS 0.41%
  • Veröffentlicht 24.01.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:04:48

FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges.

9.3

CVE-2012-6066

  • EPSS 71.24%
  • Veröffentlicht 04.12.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

5

CVE-2009-3340

  • EPSS 0.54%
  • Veröffentlicht 24.09.2009 16:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090917, this disclosure has no actionable in...

9

CVE-2008-6899

Exploit
  • EPSS 10.17%
  • Veröffentlicht 05.08.2009 22:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.

9

CVE-2008-4762

  • EPSS 37.03%
  • Veröffentlicht 28.10.2008 02:00:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.

8.5

CVE-2008-2573

Exploit
  • EPSS 16.64%
  • Veröffentlicht 06.06.2008 18:32:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.

5

CVE-2008-0852

Exploit
  • EPSS 5.38%
  • Veröffentlicht 21.02.2008 00:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference.

7.5

CVE-2006-2407

Exploit
  • EPSS 79.89%
  • Veröffentlicht 16.05.2006 10:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange...