5 matches found
CVE-2006-1038
CVE-2006-1038 concerns a buffer overflow in Van Dyke SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier. The underlying issue occurs when a Unicode string is converted to a narrow string, enabling remote attackers to trigger the overflow. The impact is described as unknown in the sources,...
CVE-2002-1059
The CVE-2002-1059 vulnerability affects Van Dyke/ SecureCRT SSH client via a remote buffer overflow caused by an overly long SSH1 protocol version string. Affected versions include SecureCRT before 3.4.6 and 4.x before 4.0 beta 3, enabling the SSH server to potentially execute arbitrary code. Mit...
CVE-2003-0047
CVE-2003-0047 affects VanDyke’s SSH2 clients: SecureCRT (versions 4.0.2 and 3.4.7), SecureFX (2.1.2 and 2.0.4), and Entunnel (1.0.2 and earlier). The issue is that logon credentials, including plaintext passwords, are not cleared from memory, allowing an attacker with memory access to recover SSH...
CVE-2004-1541
CVE-2004-1541 affects VanDyke SecureCRT for Windows (notably 4.0 and 4.1; likely others) where a telnet:// URL using the /F option to specify a configuration file on a Samba share can cause arbitrary command execution. Root cause: insecure handling of telnet URL/remote configuration folder refere...
CVE-2001-1466
CVE-2001-1466 : The connected sources confirm a vulnerability in VanDyke SecureCRT (pre-3.4.2) where a buffer overflow is triggered by a long username or password when using the SSH-1 protocol , allowing remote code execution. The description is consistent across NVD/CVE records; exploitation det...