CVE-2002-1059 – SecureCRT 2.4/3.x/4.0 - SSH1 Identifier String Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1059
Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string. • https://www.exploit-db.com/exploits/21634 https://www.exploit-db.com/exploits/16460 https://www.exploit-db.com/exploits/21635 http://marc.info/?l=bugtraq&m=102744150718462&w=2 http://marc.info/?l=bugtraq&m=102746007908689&w=2 http://www.iss.net/security_center/static/9650.php http://www.osvdb.org/4991 http://www.securityfocus.com/bid/5287 http://www.vandyke.com/products/securecrt/security07-25-02.html •
CVE-2001-1466
https://notcve.org/view.php?id=CVE-2001-1466
Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password. • http://archives.neohapsis.com/archives/vuln-dev/2001-q4/0967.html http://www.kb.cert.org/vuls/id/216227 https://exchange.xforce.ibmcloud.com/vulnerabilities/10111 •