How to Buy
This script is Copyright (C) 2006-2011 Ferdy Riphagen
The remote SSH server is prone to a buffer overflow attack.
The remote host is using freeSSHd, a free SSH server for Windows.
The version of freeSSHd installed on the remote host does not validate
the key exchange strings sent by a SSH client. This can result in a
buffer overflow and possibly a compromise of the host if an
unauthenticated attacker sends a long key exchange string.
Upgrade to FreeSSHd version 1.0.10 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 21580 (freesshd_key_exchange_overflow.nasl)
Bugtraq ID: 17958
CVE ID: CVE-2006-2407
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.