Lucene search

K
kasperskyKaspersky LabKLA10131
HistorySep 30, 2009 - 12:00 a.m.

KLA10131 DoS vulnerability in CuteFTP

2009-09-3000:00:00
Kaspersky Lab
threats.kaspersky.com
22

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.0%

A buffer overflow was found in CuteFTP. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed site list.

Original advisories

Related products

CuteFTP-Pro

CuteFTP-Home

CVE list

CVE-2009-3483 critical

Solution

Update to latest version

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • GlobalSCAPE CuteFTP Professional versions 8.3.3 and 8.3.3.0054GlobalSCAPE CuteFTP Homeย versions 8.3.3 and 8.3.3.0054GlobalSCAPE CuteFTP Liteย versions 8.3.3 and 8.3.3.0054

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.0%

Related for KLA10131