Lucene search

PRIOn knowledge basePRION:CVE-2007-1485

HistoryMar 16, 2007 - 9:19 p.m.

Buffer overflow

2007-03-1621:19:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.2%

JSON

Buffer overflow in the set_umask function in QFTP in LIBFtp 3.1-1 allows local users to execute arbitrary code via a long -m argument. NOTE: CVE disputes this issue because QFTP is not setuid, and it is unlikely that there are web interfaces to QFTP that would accept untrusted command line arguments

CPENameOperatorVersion
ftplibeq3.1.1

CPE	Name	Operator	Version
	ftplib	eq	3.1.1

References

osvdb.org/35089

securityreason.com/securityalert/2443

www.securityfocus.com/archive/1/462952/100/0/threaded

www.securityfocus.com/bid/22986

7.8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.2%

JSON

Related for PRION:CVE-2007-1485