Lucene search

[email protected]CVE-2008-4588

HistoryOct 15, 2008 - 10:45 p.m.

CVE-2008-4588

2008-10-1522:45:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-4588

buffer overflow

ftp server

etype eserv 3.x

denial of service

remote code execution

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.135 Low

EPSS

Percentile

95.6%

JSON

Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command.

CPENameOperatorVersion
etype:eservetype eserveq3.0
etype:eservetype eserveq3.26
etype:eservetype eserveq3.25

CPE	Name	Operator	Version
etype:eserv	etype eserv	eq	3.0
etype:eserv	etype eserv	eq	3.26
etype:eserv	etype eserv	eq	3.25

References

securityreason.com/securityalert/4415

www.securityfocus.com/bid/31753

www.zeroscience.org/codes/eserv_bof.txt

exchange.xforce.ibmcloud.com/vulnerabilities/45864

www.exploit-db.com/exploits/6752

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.135 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2008-4588

prion1 zeroscience1