CVE-2011-5166

15.09.2012, 17:55

Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 95%

Vendor	Product	Version
elif_keir	knftp	1.0.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://archives.neohapsis.com/archives/bugtraq/2011-09/0015.html

http://secunia.com/advisories/45907

http://www.exploit-db.com/exploits/17819

http://www.exploit-db.com/exploits/17856

http://www.exploit-db.com/exploits/17870

http://www.exploit-db.com/exploits/18089

http://www.osvdb.org/75147

https://exchange.xforce.ibmcloud.com/vulnerabilities/69557

http://archives.neohapsis.com/archives/bugtraq/2011-09/0015.html

http://secunia.com/advisories/45907

http://www.exploit-db.com/exploits/17819

http://www.exploit-db.com/exploits/17856

http://www.exploit-db.com/exploits/17870

http://www.exploit-db.com/exploits/18089

http://www.osvdb.org/75147

https://exchange.xforce.ibmcloud.com/vulnerabilities/69557