Freesshd

freesshd

11 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-0723 1Freesshd 1Freesshd Nov 21, 2024 Jan 19, 2024 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. Th...Show more A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251547.Show less
CVE-2022-27052 1Freesshd 1Freeftpd Nov 21, 2024 Mar 31, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.
CVE-2018-9853 1Freesshd 1Freesshd Nov 21, 2024 Jul 10, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server.
CVE-2017-1000475 1Freesshd 1Freesshd Nov 21, 2024 Jan 24, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges.
CVE-2012-6066 1Freesshd 1Freesshd Apr 29, 2026 Dec 4, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.
CVE-2009-3340 1Freesshd 1Freesshd Apr 23, 2026 Sep 24, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090917, this d...Show more Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.Show less
CVE-2008-6899 1Freesshd 1Freesshd Apr 23, 2026 Aug 5, 2009 N/A· v4 N/A· v3 9.0 HIGH· v2 Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command...Show more Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.Show less
CVE-2008-4762 1Freesshd 1Freesshd Apr 23, 2026 Oct 28, 2008 N/A· v4 N/A· v3 9.0 HIGH· v2 Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath p...Show more Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.Show less
CVE-2008-2573 1Freesshd 1Freesshd Apr 23, 2026 Jun 6, 2008 N/A· v4 N/A· v3 8.5 HIGH· v2 Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.
CVE-2008-0852 1Freesshd 1Freesshd Apr 23, 2026 Feb 21, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference.
CVE-2006-2407 3Freeftpd FreesshdWeonlydo 3Freeftpd FreesshdWodsshserver Apr 16, 2026 May 16, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrar...Show more Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.Show less