2 matches found
CVE-2006-1038
CVE-2006-1038 concerns a buffer overflow in Van Dyke SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier. The underlying issue occurs when a Unicode string is converted to a narrow string, enabling remote attackers to trigger the overflow. The impact is described as unknown in the sources,...
CVE-2003-0047
CVE-2003-0047 affects VanDyke’s SSH2 clients: SecureCRT (versions 4.0.2 and 3.4.7), SecureFX (2.1.2 and 2.0.4), and Entunnel (1.0.2 and earlier). The issue is that logon credentials, including plaintext passwords, are not cleared from memory, allowing an attacker with memory access to recover SSH...