CVE-2008-6899

Name of the Vulnerable Software and Affected Versions: freeSSHd version 1.2.1

Description: The issue allows remote authenticated users to cause a denial of service and execute arbitrary code via long SFTP commands, including open, unlink, mkdir, rmdir, or stat commands.

Recommendations: For freeSSHd version 1.2.1, consider restricting access to SFTP commands or updating to a version that addresses these buffer overflows, if available. As a temporary workaround, restrict the length of input for SFTP commands to prevent exploitation.