ID de Prueba:	1.3.6.1.4.1.25623.1.0.900165
Categoría:	Denial of Service
Título:	freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability
Resumen:	freeSSHd SSH server is prone to a remote denial of service vulnerability. NULL pointer de-referencing errors in SFTP 'rename' and 'realpath' commands. These can be exploited by passing overly long string passed as an argument to the affected commands.
Descripción:	Summary: freeSSHd SSH server is prone to a remote denial of service vulnerability. NULL pointer de-referencing errors in SFTP 'rename' and 'realpath' commands. These can be exploited by passing overly long string passed as an argument to the affected commands. Vulnerability Impact: Successful exploitation will cause denial of service. Affected Software/OS: freeSSHd freeSSHd version 1.2.1.14 and prior on Windows (all) Solution: Upgrade to freeSSHd version 1.2.6 or later. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4762 BugTraq ID: 31872 http://www.securityfocus.com/bid/31872 Bugtraq: 20081022 freeSSHd (stf - rename) Buffer Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/497746/100/0/threaded https://www.exploit-db.com/exploits/6800 https://www.exploit-db.com/exploits/6812 http://www.securitytracker.com/id?1021096 http://secunia.com/advisories/32366 http://securityreason.com/securityalert/4515 http://www.vupen.com/english/advisories/2008/2897 XForce ISS Database: freesshd-rename-realpath-dos(46046) https://exchange.xforce.ibmcloud.com/vulnerabilities/46046
Copyright	Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.