CVE-2012-6067
freeFTPd <= 1.0.11 - Authentication Bypass via Crafted SFTP Session
Title source: llmDescription
freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0011.html
Scores
EPSS
0.0313
EPSS Percentile
86.2%
Details
CWE
CWE-287
Status
published
Products (11)
freeftpd/freeftpd
1.0
freeftpd/freeftpd
1.0.1
freeftpd/freeftpd
1.0.2
freeftpd/freeftpd
1.0.3
freeftpd/freeftpd
1.0.4
freeftpd/freeftpd
1.0.5
freeftpd/freeftpd
1.0.6
freeftpd/freeftpd
1.0.7
freeftpd/freeftpd
1.0.8
freeftpd/freeftpd
1.0.10
... and 1 more
Published
Dec 04, 2012
Tracked Since
Feb 18, 2026