Vulnerability CVE-2007-1731
Published: 2007-03-28   Modified: 2012-02-12

Description:
Multiple stack-based buffer overflows in High Performance Anonymous FTP Server (hpaftpd) 1.01 allow remote attackers to execute arbitrary code via long arguments to the (1) USER, (2) PASS, (3) CWD, (4) MKD, (5) RMD, (6) DELE, (7) RNFR, or (8) RNTO FTP command.

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Hpaftpd -> Hpaftpd 

 References:
http://www.vupen.com/english/advisories/2007/1142
http://www.securityfocus.com/bid/23147
http://www.securiteam.com/securitynews/5AP0L1PKUU.html
http://osvdb.org/35182
http://xforce.iss.net/xforce/xfdb/33288
Copyright 2024, cxsecurity.com

 

Back to Top