Lucene search

[email protected]NVD:CVE-2006-0100

HistoryJan 06, 2006 - 11:03 a.m.

CVE-2006-0100

2006-01-0611:03:00

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Buffer overflow in NicoFTP 3.0.1.19 and earlier might allow local users to execute arbitrary code via a long string in the “Name of site” field of an FTP account. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to create or modify FTP accounts in this program, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.

Affected configurations

Nvd

Node

nicoswnicoftpRange≤3.0.1.19

VendorProductVersionCPE
nicoswnicoftp*cpe:2.3:a:nicosw:nicoftp:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nicosw	nicoftp	*	cpe:2.3:a:nicosw:nicoftp::::::::

References

securityreason.com/securityalert/317

www.securityfocus.com/archive/1/420670/100/0/threaded

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2006-0100

prion1 cve1 cvelist1