MidnightBSD

Advisories for pragma_systems

CVE-2000-0212 MEDIUM

InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed terminal client configuration information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
pragma_systems interaccess_telnetd_server 4.0
CVE-2000-0708 MEDIUM

Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
pragma_systems telnetserver 2000
CVE-2001-1263 MEDIUM

telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service (crash) via a large number of characters to port 23, possibly due to a buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
pragma_systems interaccess 4.0_build_5
CVE-2002-1357 HIGH

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
cisco ios 12.2
intersoft securenetterm 5.4.1
cisco ios 12.0s
cisco ios 12.1e
putty putty 0.49
fissh ssh_client 1.0a_for_windows
cisco ios 12.1ea
putty putty 0.48
netcomposite shellguard_ssh 3.4.6
pragma_systems secureshell 2.0
winscp winscp 2.0.0
cisco ios 12.2t
cisco ios 12.0st
putty putty 0.53
cisco ios 12.2s
cisco ios 12.1t
CVE-2002-1358 HIGH

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
cisco ios 12.2
intersoft securenetterm 5.4.1
cisco ios 12.0s
cisco ios 12.1e
putty putty 0.49
fissh ssh_client 1.0a_for_windows
cisco ios 12.1ea
putty putty 0.48
netcomposite shellguard_ssh 3.4.6
pragma_systems secureshell 2.0
winscp winscp 2.0.0
cisco ios 12.2t
cisco ios 12.0st
putty putty 0.53
cisco ios 12.2s
cisco ios 12.1t
CVE-2002-1359 HIGH

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
cisco ios 12.2
intersoft securenetterm 5.4.1
cisco ios 12.0s
cisco ios 12.1e
putty putty 0.49
fissh ssh_client 1.0a_for_windows
cisco ios 12.1ea
putty putty 0.48
netcomposite shellguard_ssh 3.4.6
pragma_systems secureshell 2.0
winscp winscp 2.0.0
cisco ios 12.2t
cisco ios 12.0st
putty putty 0.53
cisco ios 12.2s
cisco ios 12.1t
CVE-2002-1360 HIGH

Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
cisco ios 12.2
intersoft securenetterm 5.4.1
cisco ios 12.0s
cisco ios 12.1e
putty putty 0.49
fissh ssh_client 1.0a_for_windows
cisco ios 12.1ea
putty putty 0.48
netcomposite shellguard_ssh 3.4.6
pragma_systems secureshell 2.0
winscp winscp 2.0.0
cisco ios 12.2t
cisco ios 12.0st
putty putty 0.53
cisco ios 12.2s
cisco ios 12.1t
CVE-2005-1969 MEDIUM

Cross-site scripting (XSS) vulnerability in Pragma Systems Telnetserver 6.0 allows remote attackers to inject arbitrary web script or HTML, and hide activities in log files, via a "<!--" (HTML comment) in a session.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
pragma_systems pragma_telnetserver 6.0
CVE-2006-2421 HIGH

Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows remote attackers to execute arbitrary code via long SSH_MSG_KEXINIT messages, which may cause an overflow when being logged. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
pragma_systems fortressssh *