Vulnerability CVE-2009-4753


Published: 2010-03-29   Modified: 2012-02-13

Description:
Multiple buffer overflows in the FTP server on the Addonics NAS Adapter NASU2FW41 with loader 1.17 allow remote attackers to cause a denial of service (TCP/IP outage) via long arguments to the (1) XRMD, (2) delete, (3) RNFR, or (4) RNTO command.

See advisories in our WLB2 database:
Topic
Author
Date
High
Addonics NAS Adapter FTP Remote Denial of Service
Mike Cyr, aka h0...
03.05.2009

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.1/10
6.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Nas adapter -> Nasu2fw41 

 References:
http://www.exploit-db.com/exploits/8584
http://www.securityfocus.com/archive/1/503146/100/0/threaded
http://www.securityfocus.com/bid/34796
https://exchange.xforce.ibmcloud.com/vulnerabilities/50289

Copyright 2024, cxsecurity.com

 

Back to Top