Lucene search

[email protected]CVE-2008-3734

HistoryAug 20, 2008 - 4:41 p.m.

CVE-2008-3734

2008-08-2016:41:00

CWE-134

[email protected]

web.nvd.nist.gov

cve-2008-3734

format string vulnerability

ipswitch ws_ftp

denial of service

arbitrary code execution

nvd

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.113 Low

EPSS

Percentile

95.2%

JSON

Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response).

CPENameOperatorVersion
ipswitch:ws_ftp_homeipswitch ws ftp homeeq2007.0.0.2
ipswitch:ws_ftp_proipswitch ws ftp proeq2007.1.0.0

CPE	Name	Operator	Version
ipswitch:ws_ftp_home	ipswitch ws ftp home	eq	2007.0.0.2
ipswitch:ws_ftp_pro	ipswitch ws ftp pro	eq	2007.1.0.0

References

secunia.com/advisories/31504

securityreason.com/securityalert/4173

www.securityfocus.com/bid/30720

www.securitytracker.com/id?1020713

www.securitytracker.com/id?1020714

exchange.xforce.ibmcloud.com/vulnerabilities/44512

www.exploit-db.com/exploits/6257

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.113 Low

EPSS

Percentile

95.2%

JSON

Related for CVE-2008-3734

prion1 checkpoint_advisories1 openvas2