Lucene search

Kaspersky LabKLA10130

HistoryDec 31, 2003 - 12:00 a.m.

KLA10130 ACE vulnerability in CuteFTP

2003-12-3100:00:00

Kaspersky Lab

threats.kaspersky.com

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.189 Low

EPSS

Percentile

96.3%

JSON

A buffer overflow was found in CuteFTP. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network via a specially designed server response.

Original advisories

Related products

CuteFTP-5-XP

CVE list

CVE-2003-1260 critical

Solution

Update to latest version

Impacts

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

CuteFTP version 5.0

References

statistics.securelist.com/

threats.kaspersky.com/en/product/CuteFTP-5-XP/

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.189 Low

EPSS

Percentile

96.3%

JSON

Related for KLA10130