Lucene search

[email protected]CVE-2003-0755

HistoryOct 20, 2003 - 4:00 a.m.

CVE-2003-0755

2003-10-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0755

buffer overflow

sys_cmd.c

gtkftpd

remote code execution

nvd

8.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.2%

JSON

Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.

CPENameOperatorVersion
gtkftpd:gtkftpgtkftpd gtkftpeq1.0.2
gtkftpd:gtkftpgtkftpd gtkftpeq1.0.3
gtkftpd:gtkftpgtkftpd gtkftpeq1.0.4

CPE	Name	Operator	Version
gtkftpd:gtkftp	gtkftpd gtkftp	eq	1.0.2
gtkftpd:gtkftp	gtkftpd gtkftp	eq	1.0.3
gtkftpd:gtkftp	gtkftpd gtkftp	eq	1.0.4

References

archives.neohapsis.com/archives/vuln-dev/2003-q3/0101.html

8.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.2%

JSON