VYPR
Vendor

Freesshd

Products
1
CVEs
10
Across products
10
Status
Private

Products

1

Recent CVEs

10
  • CVE-2018-9853CriJul 10, 2018
    risk 0.64cvss 9.8epss 0.01

    Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server.

  • CVE-2017-1000475HigJan 24, 2018
    risk 0.51cvss 7.8epss 0.01

    FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges.

  • CVE-2006-2407May 16, 2006
    risk 0.09cvss epss 0.71

    Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.

  • CVE-2012-6066Dec 4, 2012
    risk 0.06cvss epss 0.40

    freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

  • CVE-2008-4762Oct 28, 2008
    risk 0.04cvss epss 0.14

    Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.

  • CVE-2024-0723Jan 19, 2024
    risk 0.03cvss epss 0.04

    A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.…

  • CVE-2008-6899Aug 5, 2009
    risk 0.03cvss epss 0.05

    Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.

  • CVE-2008-2573Jun 6, 2008
    risk 0.03cvss epss 0.06

    Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.

  • CVE-2008-0852Feb 21, 2008
    risk 0.03cvss epss 0.06

    freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference.

  • CVE-2009-3340Sep 24, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because…