Lucene search

[email protected]CVE-2008-6534

HistoryMar 26, 2009 - 9:00 p.m.

CVE-2008-6534

2009-03-2621:00:00

CWE-20

[email protected]

web.nvd.nist.gov

cve

2008

6534

null ftp server

vulnerability

remote authenticated

arbitrary commands

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.3%

JSON

Incomplete blacklist vulnerability in NULL FTP Server Free and Pro 1.1.0.7 allows remote authenticated users to execute arbitrary commands via a custom SITE command containing shell metacharacters such as “&” (ampersand) in the middle of an argument.

Affected configurations

NVD

Node

vwsolutionsnull_ftpMatch1.1.0.7pro

vwsolutionsnull_ftpMatch1.1.0.7svr

CPENameOperatorVersion
vwsolutions:null_ftpvwsolutions null ftpeq1.1.0.7

CPE	Name	Operator	Version
vwsolutions:null_ftp	vwsolutions null ftp	eq	1.1.0.7

References

secunia.com/advisories/32999

vuln.sg/nullftpserver1107-en.html

www.osvdb.org/50486

www.securityfocus.com/bid/32656

www.vupen.com/english/advisories/2008/3367

www.vwsolutions.com/knowledgeBase/releaseNotes.aspx?productId=14

exchange.xforce.ibmcloud.com/vulnerabilities/47099

www.exploit-db.com/exploits/7355

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.3%

JSON

Related for CVE-2008-6534

openvas2 cvelist1 prion1 nvd1