Lucene search

[email protected]CVE-2008-2573

HistoryJun 06, 2008 - 6:32 p.m.

CVE-2008-2573

2008-06-0618:32:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-2573

stack-based buffer overflow

sftp

freesshd 1.2.1

remote code execution

nvd

7.7 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.088 Low

EPSS

Percentile

94.6%

JSON

Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.

Affected configurations

NVD

Node

freesshdfreesshdMatch1.2.1

CPENameOperatorVersion
freesshd:freesshdfreesshdeq1.2.1

CPE	Name	Operator	Version
freesshd:freesshd	freesshd	eq	1.2.1

References

secunia.com/advisories/30498

www.securityfocus.com/archive/1/493180/100/0/threaded

www.securityfocus.com/bid/29453

www.securitytracker.com/id?1020212

www.vupen.com/english/advisories/2008/1711/references

www.exploit-db.com/exploits/5709

www.exploit-db.com/exploits/5751

7.7 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.088 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2008-2573

cvelist1 prion1 nvd1