This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The SFTP server running on the remote host has an authentication bypass
The SFTP server included with freeFTPd or freeSSHd has an
authentication bypass vulnerability. Authentication can be bypassed by
opening an SSH channel before any credentials are provided. A remote,
unauthenticated attacker could exploit this to log in without providing
After logging in, uploading specially crafted files could result in
arbitrary code execution as SYSTEM. Refer to the researcher's advisory
for more information.
See also :
There is no known solution at this time.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.1
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 63223
Bugtraq ID: 56782, 56785
CVE ID: CVE-2012-6066, CVE-2012-6067