Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server.
Max CVSS
9.8
EPSS Score
0.26%
Published
2018-07-10
Updated
2019-10-03
CVE-2012-6066
Public exploit
freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.
Max CVSS
9.3
EPSS Score
24.32%
Published
2012-12-04
Updated
2012-12-05
Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.
Max CVSS
9.0
EPSS Score
2.22%
Published
2009-08-05
Updated
2018-10-11
Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.
Max CVSS
9.0
EPSS Score
7.61%
Published
2008-10-28
Updated
2018-10-11
Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.
Max CVSS
8.5
EPSS Score
8.85%
Published
2008-06-06
Updated
2018-10-11
5 vulnerabilities found