彙總 freesshd 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
已披露問題常與 緩衝區溢位與拒絕服務 相關,可能在 生產負載與軟體部署 場景中帶來 應用程式崩潰與記憶體損壞 等暴露風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2024-0723 | A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251547. | [email protected] | 5.3 | 3.65% | 2024-01-19 | 2026-06-17 |
| CVE-2022-27052 | FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. | [email protected] | 7.8 | 0.33% | 2022-03-31 | 2026-06-17 |
| CVE-2018-9853 | Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server. | [email protected] | 9.8 | 1.29% | 2018-07-10 | 2026-06-16 |
| CVE-2017-1000475 | FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges. | [email protected] | 7.8 | 0.62% | 2018-01-24 | 2026-06-16 |
| CVE-2012-6066 | freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c. | [email protected] | 9.3 | 39.51% | 2012-12-04 | 2026-06-16 |
| CVE-2009-3340 | Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | [email protected] | 5.0 | 1.38% | 2009-09-24 | 2026-06-16 |
| CVE-2008-6899 | Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command. | [email protected] | 9.0 | 5.29% | 2009-08-05 | 2026-06-16 |
| CVE-2008-4762 | Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters. | [email protected] | 9.0 | 14.50% | 2008-10-27 | 2026-06-16 |
| CVE-2008-2573 | Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command. | [email protected] | 8.5 | 5.61% | 2008-06-06 | 2026-06-16 |
| CVE-2008-0852 | freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference. | [email protected] | 5.0 | 6.23% | 2008-02-20 | 2026-06-16 |
| CVE-2006-2407 | Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string. | [email protected] | 7.5 | 71.38% | 2006-05-16 | 2026-06-16 |