
FreeSSHD Key Exchange Buffer Overflow CVE-2006-2407

Severity: Not available
CVSSv3 Score: Not available
Vulnerability description

A vulnerable version of FreeSSHd is installed on the remote host.

Risk description

The installed version does not validate key exchange strings sent by an SSH client. If a client sends a long key exchange string, this results in a buffer overflow and possibly a compromise of the host. Note: At this point the FreeSSHD service is reported down. You should start it manually again.

Recommendation

Upgrade to the latest release. See the references for more information.

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: May 16, 2006
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available