Van Dyke SecureCRT and SecureFX Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Van Dyke SecureCRT and SecureFX Buffer Overflow Vulnerability

Van Dyke SecureCRT and SecureFX are prone to a buffer-overflow vulnerability when converting Unicode strings. An attacker could potentially exploit this to execute arbitrary code or cause a denial of service.

SecureCRT versions 5.0.4 and earlier are affected. SecureFX versions 3.0.4 and earlier are affected.