Lucene search

[email protected]NVD:CVE-2008-6534

HistoryMar 26, 2009 - 9:00 p.m.

CVE-2008-6534

2009-03-2621:00:00

CWE-20

[email protected]

web.nvd.nist.gov

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

7.3 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.3%

JSON

Incomplete blacklist vulnerability in NULL FTP Server Free and Pro 1.1.0.7 allows remote authenticated users to execute arbitrary commands via a custom SITE command containing shell metacharacters such as “&” (ampersand) in the middle of an argument.

Affected configurations

NVD

Node

vwsolutionsnull_ftpMatch1.1.0.7pro

vwsolutionsnull_ftpMatch1.1.0.7svr

References

secunia.com/advisories/32999

vuln.sg/nullftpserver1107-en.html

www.osvdb.org/50486

www.securityfocus.com/bid/32656

www.vupen.com/english/advisories/2008/3367

www.vwsolutions.com/knowledgeBase/releaseNotes.aspx?productId=14

exchange.xforce.ibmcloud.com/vulnerabilities/47099

www.exploit-db.com/exploits/7355

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

7.3 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.3%

JSON

Related for NVD:CVE-2008-6534

openvas2 prion1 cve1 cvelist1