CVE-2008-2573

CVSS 8.5 - HIGH

Description

Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.

Affected Products

Vendor	Product	Version
freesshd	freesshd	`1.2.1`

References

http://secunia.com/advisories/30498

http://www.securityfocus.com/archive/1/493180/100/...

http://www.securityfocus.com/bid/29453

http://www.securitytracker.com/id?1020212

http://www.vupen.com/english/advisories/2008/1711/...

https://www.exploit-db.com/exploits/5709

https://www.exploit-db.com/exploits/5751

http://secunia.com/advisories/30498

http://www.securityfocus.com/archive/1/493180/100/...

http://www.securityfocus.com/bid/29453

http://www.securitytracker.com/id?1020212

http://www.vupen.com/english/advisories/2008/1711/...

https://www.exploit-db.com/exploits/5709

https://www.exploit-db.com/exploits/5751

Weakness Types

CWE-119

CVE Information

CVE ID:: CVE-2008-2573
Published:: 2008-06-06
Modified:: 2026-04-23
CVSS Score:: 8.5
Severity:: HIGH
Vector:: AV:N/AC:M/Au:S/C:C/I:C/A:C

Affected Vendors

freesshd

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL