Lucene search

[email protected]CVE-2005-2373

HistoryJul 26, 2005 - 4:00 a.m.

CVE-2005-2373

2005-07-2604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2373

buffer overflow

slimftpd

remote code execution

directory name

authentication

nvd

7.6 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.131 Low

EPSS

Percentile

95.5%

JSON

Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.

CPENameOperatorVersion
whitsoft_development:slimftpdwhitsoft development slimftpdeq3.15
whitsoft_development:slimftpdwhitsoft development slimftpdeq3.16

CPE	Name	Operator	Version
whitsoft_development:slimftpd	whitsoft development slimftpd	eq	3.15
whitsoft_development:slimftpd	whitsoft development slimftpd	eq	3.16

References

marc.info/?l=bugtraq&m=112196537312610&w=2

secunia.com/advisories/16177

securitytracker.com/id?1014542

www.whitsoftdev.com/slimftpd/

7.6 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.131 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2005-2373

checkpoint_advisories1 packetstorm1 nessus1