Vulnerability Description
Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Library (ne7ssh) before 1.2.1 allows user-assisted remote SFTP servers to cause a denial of service (crash) or possibly execute arbitrary code via multiple file transfers, related to multiple open file handles in SFTP (1) put and (2) get operations.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netsieben | Netsieben Ssh Library | 1.1 |
References
- http://netsieben.com/files/CHANGELOGURL Repurposed
- http://osvdb.org/43555
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33504
- http://netsieben.com/files/CHANGELOGURL Repurposed
- http://osvdb.org/43555
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33504
FAQ
What is CVE-2007-1654?
CVE-2007-1654 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Library (ne7ssh) before 1.2.1 allows user-assisted remote SFTP servers to cause a denial of service (crash...
How severe is CVE-2007-1654?
CVE-2007-1654 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1654?
Check the references section above for vendor advisories and patch information. Affected products include: Netsieben Netsieben Ssh Library.