Lucene search

[email protected]CVE-2009-5141

HistoryApr 01, 2014 - 3:24 a.m.

CVE-2009-5141

2014-04-0103:24:00

CWE-134

[email protected]

web.nvd.nist.gov

cve-2009-5141

format string vulnerability

war ftp daemon

warftpd 1.82 rc 12

remote authenticated users

denial of service

crash

nvd

7 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.8%

JSON

Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command.

CPENameOperatorVersion
jgaa:warftpdjgaa warftpdeq1.8.2

CPE	Name	Operator	Version
jgaa:warftpd	jgaa warftpd	eq	1.8.2

References

archives.neohapsis.com/archives/bugtraq/2009-09/0105.html

www.exploit-db.com/exploits/9622

www.osvdb.org/62599

www.warftp.org/index.php?menu=338&cmd=show_article&article_id=1003

www.corelan.be/index.php/forum/security-advisories-archive-2009/corelan-09001-warftpd-1-82-rc12-dos/

7 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.8%

JSON

Related for CVE-2009-5141

prion1