Intrusion Prevention



Indicates a possible attempt to exploit a vulnerability in multiple SSH implementations. The vulnerability is a result of a failure to do proper bounds checking on user supplied input before copying it to a memory buffer. A remote attacker can cause a buffer overlow and may be able to execute arbitrary code on the system.

Affected Products

WeOnlyDo! wodSSHServer 1.3.3 and earlier.
freeSSHd freeSSHd 1.0.9 and earlier.
freeFTPd freeFTPd 1.0.10 and earlier.
FiSSH, SSH Client, 1.0A for Windows and earlier.
InterSoft, SecureNetTerm, 5.4.1 and earlier.
NetComposite, Shellguard SSH, 3.4.6 and earlier.
Pragma Systems, SecureShell, 2.0 and earlier.
Simon Tatham, PuTTY, 0.53 and earlier.
WinSCP, WinSCP, 2.0.0 and earlier.
Cisco, IOS, 12.2 and earlier.
Cisco WebNS 7.10 and earlier.
Cisco PIX Firewall and earlier.
Cisco ONS


System compromise, arbitrary code execution.

Recommended Actions

Update to the latest version from the vendor.

CVE References

CVE-2006-2407 CVE-2002-1359