Vulnerabilites related to weonlydo - wodsshserver
Vulnerability from fkie_nvd
Published
2006-05-16 10:02
Modified
2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.
References
cve@mitre.orghttp://marc.info/?l=full-disclosure&m=114764338702488&w=2
cve@mitre.orghttp://secunia.com/advisories/19845Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19846Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/20136Vendor Advisory
cve@mitre.orghttp://securityreason.com/securityalert/901
cve@mitre.orghttp://www.kb.cert.org/vuls/id/477960US Government Resource
cve@mitre.orghttp://www.osvdb.org/25463
cve@mitre.orghttp://www.osvdb.org/25569
cve@mitre.orghttp://www.securityfocus.com/archive/1/434007/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/434038/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/434402/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/434415/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/434415/30/4920/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/17958Exploit
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/1785Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/1786Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/1842Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/26442
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=full-disclosure&m=114764338702488&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19845Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19846Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20136Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/901
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/477960US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/25463
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/25569
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434007/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434038/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434402/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434415/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434415/30/4920/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17958Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1785Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1786Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1842Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/26442
Impacted products
Vendor Product Version
freeftpd freeftpd 1.0.10
freesshd freesshd 1.0.9
weonlydo wodsshserver 1.2.7
weonlydo wodsshserver 1.3.3_demo



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeftpd:freeftpd:1.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "07F34D7A-D6EB-4818-83AD-0A6B40F4F37E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freesshd:freesshd:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0856F72-9F1E-425C-B434-BB9DDF88BED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:weonlydo:wodsshserver:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF7CF76-6EE4-481B-8034-8E4849AD6FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:weonlydo:wodsshserver:1.3.3_demo:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B750682-F305-4AAF-A973-88DA5F3200E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 y 1.3.3 DEMO, como se usa en otros productos incluyendo (2) FreeSSHd 1.0.9 y (3) freeFTPd 1.0.10, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena de algoritmo de intercambio de clave larga."
    }
  ],
  "id": "CVE-2006-2407",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-05-16T10:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=full-disclosure\u0026m=114764338702488\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19845"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19846"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20136"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/901"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/477960"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/25463"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/25569"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/434007/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/434038/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/434402/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/434415/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/434415/30/4920/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/17958"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1785"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1786"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1842"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=full-disclosure\u0026m=114764338702488\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19846"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/477960"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/25463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/25569"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434007/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434038/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434402/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434415/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434415/30/4920/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/17958"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1842"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26442"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2006-2407 (GCVE-0-2006-2407)
Vulnerability from cvelistv5
Published
2006-05-16 10:00
Modified
2024-08-07 17:51
Severity ?
CWE
  • n/a
Summary
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.
References
http://secunia.com/advisories/19846third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/25569vdb-entry, x_refsource_OSVDB
http://www.securityfocus.com/archive/1/434007/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/434402/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2006/1786vdb-entry, x_refsource_VUPEN
http://securityreason.com/securityalert/901third-party-advisory, x_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilities/26442vdb-entry, x_refsource_XF
http://www.securityfocus.com/archive/1/434415/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/19845third-party-advisory, x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/477960third-party-advisory, x_refsource_CERT-VN
http://www.securityfocus.com/archive/1/434415/30/4920/threadedmailing-list, x_refsource_BUGTRAQ
http://www.osvdb.org/25463vdb-entry, x_refsource_OSVDB
http://marc.info/?l=full-disclosure&m=114764338702488&w=2mailing-list, x_refsource_FULLDISC
http://secunia.com/advisories/20136third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/1842vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/1785vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/17958vdb-entry, x_refsource_BID
http://www.securityfocus.com/archive/1/434038/100/0/threadedmailing-list, x_refsource_BUGTRAQ
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:51:04.671Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "19846",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19846"
          },
          {
            "name": "25569",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/25569"
          },
          {
            "name": "20060514 POC exploit for freeSSHd version 1.0.9",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/434007/100/0/threaded"
          },
          {
            "name": "20060517 POC exploit for freeFTPd 1.0.10",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/434402/100/0/threaded"
          },
          {
            "name": "ADV-2006-1786",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1786"
          },
          {
            "name": "901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/901"
          },
          {
            "name": "freesshd-key-exchange-bo(26442)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26442"
          },
          {
            "name": "20060517 BUGTRAQ:20060517 Re:POC exploit for freeFTPd 1.0.10",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/434415/100/0/threaded"
          },
          {
            "name": "19845",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19845"
          },
          {
            "name": "VU#477960",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/477960"
          },
          {
            "name": "20060517 Re:POC exploit for freeFTPd 1.0.10",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/434415/30/4920/threaded"
          },
          {
            "name": "25463",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/25463"
          },
          {
            "name": "20060514 POC exploit for freeSSHd version 1.0.9",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=114764338702488\u0026w=2"
          },
          {
            "name": "20136",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20136"
          },
          {
            "name": "ADV-2006-1842",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1842"
          },
          {
            "name": "ADV-2006-1785",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1785"
          },
          {
            "name": "17958",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17958"
          },
          {
            "name": "20060515 Re: [Full-disclosure] POC exploit for freeSSHd version 1.0.9",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/434038/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-05-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "19846",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19846"
        },
        {
          "name": "25569",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/25569"
        },
        {
          "name": "20060514 POC exploit for freeSSHd version 1.0.9",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/434007/100/0/threaded"
        },
        {
          "name": "20060517 POC exploit for freeFTPd 1.0.10",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/434402/100/0/threaded"
        },
        {
          "name": "ADV-2006-1786",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1786"
        },
        {
          "name": "901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/901"
        },
        {
          "name": "freesshd-key-exchange-bo(26442)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26442"
        },
        {
          "name": "20060517 BUGTRAQ:20060517 Re:POC exploit for freeFTPd 1.0.10",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/434415/100/0/threaded"
        },
        {
          "name": "19845",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19845"
        },
        {
          "name": "VU#477960",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/477960"
        },
        {
          "name": "20060517 Re:POC exploit for freeFTPd 1.0.10",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/434415/30/4920/threaded"
        },
        {
          "name": "25463",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/25463"
        },
        {
          "name": "20060514 POC exploit for freeSSHd version 1.0.9",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=114764338702488\u0026w=2"
        },
        {
          "name": "20136",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20136"
        },
        {
          "name": "ADV-2006-1842",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1842"
        },
        {
          "name": "ADV-2006-1785",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1785"
        },
        {
          "name": "17958",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17958"
        },
        {
          "name": "20060515 Re: [Full-disclosure] POC exploit for freeSSHd version 1.0.9",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/434038/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-2407",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "19846",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19846"
            },
            {
              "name": "25569",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/25569"
            },
            {
              "name": "20060514 POC exploit for freeSSHd version 1.0.9",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/434007/100/0/threaded"
            },
            {
              "name": "20060517 POC exploit for freeFTPd 1.0.10",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/434402/100/0/threaded"
            },
            {
              "name": "ADV-2006-1786",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1786"
            },
            {
              "name": "901",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/901"
            },
            {
              "name": "freesshd-key-exchange-bo(26442)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26442"
            },
            {
              "name": "20060517 BUGTRAQ:20060517 Re:POC exploit for freeFTPd 1.0.10",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/434415/100/0/threaded"
            },
            {
              "name": "19845",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19845"
            },
            {
              "name": "VU#477960",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/477960"
            },
            {
              "name": "20060517 Re:POC exploit for freeFTPd 1.0.10",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/434415/30/4920/threaded"
            },
            {
              "name": "25463",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/25463"
            },
            {
              "name": "20060514 POC exploit for freeSSHd version 1.0.9",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=114764338702488\u0026w=2"
            },
            {
              "name": "20136",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20136"
            },
            {
              "name": "ADV-2006-1842",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1842"
            },
            {
              "name": "ADV-2006-1785",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1785"
            },
            {
              "name": "17958",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17958"
            },
            {
              "name": "20060515 Re: [Full-disclosure] POC exploit for freeSSHd version 1.0.9",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/434038/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-2407",
    "datePublished": "2006-05-16T10:00:00",
    "dateReserved": "2006-05-15T00:00:00",
    "dateUpdated": "2024-08-07T17:51:04.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}