Lucene search

[email protected]CVE-2006-2172

HistoryMay 04, 2006 - 12:38 p.m.

CVE-2006-2172

2006-05-0412:38:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2172

buffer overflow

gene6 ftp server

remote attackers

denial of service

arbitrary code

mkd

xmkd

nvd

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.048 Low

EPSS

Percentile

92.6%

JSON

Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer.

CPENameOperatorVersion
gene6:g6_ftp_servergene6 g6 ftp servereq3.1

CPE	Name	Operator	Version
gene6:g6_ftp_server	gene6 g6 ftp server	eq	3.1

References

secunia.com/advisories/19965

www.infigo.hr/en/in_focus/tools

www.osvdb.org/25238

www.securityfocus.com/archive/1/432839/100/0/threaded

www.securityfocus.com/bid/17810

www.vupen.com/english/advisories/2006/1658

exchange.xforce.ibmcloud.com/vulnerabilities/26237

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.048 Low

EPSS

Percentile

92.6%

JSON

Related for CVE-2006-2172

nessus1 kaspersky1 prion1