Bennett Todd

**Name of the Vulnerable Software and Affected Versions** Wind River VxWorks versions 6.x, 5.x, and earlier **Description** The issue allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185. This is related to a previous issue. **Recommendations** For Wind River VxWorks versions 6.x, 5.x, and earlier, restrict access to UDP port 17185 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: lsh versions (affected versions not specified) Description: The issue is related to the lsh daemon (lshd) not properly returning from certain functions when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack. The affected functions are located in read line.c, channel commands.c, and client keyexchange.c. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.