CVE-2008-6899

freeSSHd 1.2.1 - Authenticated Buffer Overflow via SFTP Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6899. PoCs published by r0ut3r.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in FreeSSHd 1.2.1 via the SFTP Rename operation. It uses a crafted payload with NOPs, shellcode, and SEH overwrite to achieve remote code execution (RCE).

Description

Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by r0ut3r · perlremotewindows

https://www.exploit-db.com/exploits/8295

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in FreeSSHd 1.2.1 via the SFTP Rename operation. It uses a crafted payload with NOPs, shellcode, and SEH overwrite to achieve remote code execution (RCE).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: FreeSSHd 1.2.1

Auth required

Prerequisites: Network access to the target · Valid credentials for authentication · SFTP service enabled

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/52434

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/32972

Exploit x_refsource_misc

http://www.bmgsec.com.au/advisories/freeSSHd-bof.txt

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/499486/100/0/threaded

Scores

EPSS 0.0529

EPSS Percentile 91.5%

Details

CWE

CWE-119

Status published

Products (1)

freesshd/freesshd 1.2.1

Published Aug 05, 2009

Tracked Since Feb 18, 2026