Lucene search

[email protected]CVE-2006-6576

HistoryDec 15, 2006 - 7:28 p.m.

CVE-2006-6576

2006-12-1519:28:00

CWE-787

[email protected]

web.nvd.nist.gov

cve-2006-6576

golden ftp server

buffer overflow

denial of service

remote code execution

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.657 Medium

EPSS

Percentile

97.9%

JSON

Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command. NOTE: it was later reported that 4.70 is also affected. NOTE: the USER vector is already covered by CVE-2005-0634.

CPENameOperatorVersion
goldenftpserver:golden_ftp_servergoldenftpserver golden ftp servereq1.92

CPE	Name	Operator	Version
goldenftpserver:golden_ftp_server	goldenftpserver golden ftp server	eq	1.92

References

packetstormsecurity.com/files/161711/Golden-FTP-Server-4.70-Buffer-Overflow.html

retrogod.altervista.org/golden_heap.html

secunia.com/advisories/23323

www.exploit-db.com/exploits/16036

www.securityfocus.com/bid/45924

www.securityfocus.com/bid/45957

www.vupen.com/english/advisories/2006/4936

Social References

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.657 Medium

EPSS

Percentile

97.9%

JSON

Related for CVE-2006-6576

openvas2 zdt1 packetstorm2 checkpoint_advisories2 cve1 wallarmlab1 nessus1