PT-2008-5937 · Goodtech · Goodtech Ssh

R0Ut3R · Published 2008-10-23 · Updated 2018-10-11 · CVE-2008-4726

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: GoodTech SSH version 6.4

Description: The issue is a stack-based buffer overflow in the SFTP subsystem. Remote authenticated users can exploit it by sending a long string to certain parameters, including the open (also known as SSH_FXP_OPEN), unlink, and opendir parameters, which allows them to execute arbitrary code.

Recommendations: For GoodTech SSH version 6.4, consider restricting access to the SFTP subsystem until a patch is available. As a temporary workaround, avoid using long strings in the open, unlink, and opendir parameters to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers: CVE-2008-4726

Affected Products: Goodtech Ssh