CVSS: 9.3EPSS: 50%CPEs: 3EXPL: 4CVE-2012-6066 – freeFTPd 1.2.6 - Remote Authentication Bypass
https://notcve.org/view.php?id=CVE-2012-6066
freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c. freeSSHd.exe en freeSSHd hasta v1.2.6 permite a atacantes remotos evitar la autenticación a través de una sesión de SFTP manipulada, como lo demuestra un cliente OpenSSH con versiones modificadas de ssh.c y sshconnect2.c. • https://www.exploit-db.com/exploits/23079 https://www.exploit-db.com/exploits/24133 https://www.exploit-db.com/exploits/23080 https://github.com/bongbongco/CVE-2012-6066 http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0012.html https://seclists.org/fulldisclosure/2010/Aug/132 • CWE-287: Improper Authentication •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3340
https://notcve.org/view.php?id=CVE-2009-3340
Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en FreeSSHD v1.2.4 permite a los atacantes remotos causar una denegación de servicio através de vectores desconocidos, como se demostró en cierto módulo en VulnDisco Pack Professional v8.11. NOTA como en 20090917, esta información no tiene información de la acción. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36506 http://www.securitytracker.com/id?1022811 •