CVE-2006-2407 Information
Description
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10 allows remote attackers to execute arbitrary code via a long key exchange algorithm string.
Reference
http://marc.info/?l=full-disclosure&m=114764338702488&w=2 http://secunia.com/advisories/19845 http://secunia.com/advisories/19846 http://secunia.com/advisories/20136 http://securityreason.com/securityalert/901 http://www.kb.cert.org/vuls/id/477960 http://www.osvdb.org/25463 http://www.osvdb.org/25569 http://www.securityfocus.com/archive/1/434007/100/0/threaded http://www.securityfocus.com/archive/1/434038/100/0/threaded http://www.securityfocus.com/archive/1/434402/100/0/threaded http://www.securityfocus.com/archive/1/434415/100/0/threaded http://www.securityfocus.com/archive/1/434415/30/4920/threaded http://www.securityfocus.com/bid/17958 http://www.vupen.com/english/advisories/2006/1785 http://www.vupen.com/english/advisories/2006/1786 http://www.vupen.com/english/advisories/2006/1842 https://exchange.xforce.ibmcloud.com/vulnerabilities/26442
Share on: