[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-1580

Date: (C)2007-03-21   (M)2017-10-11 


FTPDMIN 0.96 allows remote attackers to cause a denial of service (daemon crash) via a LIST command for a Windows drive letter, as demonstrated using "//A:". NOTE: this has been reported as a buffer overflow by some sources, but there is not a long argument.

CVSS Score: 6.3Access Vector: NETWORK
Exploit Score: 6.8Access Complexity: MEDIUM
Impact Score: 6.9Authentication: SINGLE_INSTANCE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE





Reference:
BID-23049
OSVDB-34524
EXPLOIT-DB-3523
ftpdmin-list-dos(33091)

CWE    1
CWE-119

© 2013 SecPod Technologies