This is to confirm FreeSSHD 1.2.6 , latest version, is still vulnerable to this: http://www.exploit-db.com/exploits/11842/
The bug report can't be submitted on the author site - http://www.freesshd.com because of a php bug in form submission. But it was sent to emails from its commercial site - WeOnlyDo - http://www.weonlydo.com/. I request exploit researchers to find remote code execution capability in this flaw. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
