Lucene search

[email protected]CVE-2004-1627

HistoryFeb 20, 2005 - 5:00 a.m.

CVE-2004-1627

2005-02-2005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1627

buffer overflow

ability server

remote code execution

appe command

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.259 Low

EPSS

Percentile

96.7%

JSON

Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command.

Affected configurations

NVD

Node

code-craftersability_serverMatch2.2.5

code-craftersability_serverMatch2.3.2

code-craftersability_serverMatch2.3.4

CPENameOperatorVersion
code-crafters:ability_servercode-crafters ability servereq2.2.5
code-crafters:ability_servercode-crafters ability servereq2.3.2
code-crafters:ability_servercode-crafters ability servereq2.3.4

CPE	Name	Operator	Version
code-crafters:ability_server	code-crafters ability server	eq	2.2.5
code-crafters:ability_server	code-crafters ability server	eq	2.3.2
code-crafters:ability_server	code-crafters ability server	eq	2.3.4

References

lists.virus.org/dw-0day-0412/msg00004.html

secunia.com/advisories/12941

securitytracker.com/id?1012464

www.osvdb.org/12347

www.securityfocus.com/bid/11508

exchange.xforce.ibmcloud.com/vulnerabilities/18405

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.259 Low

EPSS

Percentile

96.7%

JSON

Related for CVE-2004-1627

cvelist1 nvd1 nessus1