CVE-2005-2961

EPSS 8.6%

Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/1238unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/17021/http://secunia.com/advisories/17035 https://exchange.xforce.ibmcloud.com/vulnerabilities/22491 http://www.debian.org/security/2005/dsa-834 http://www.securityfocus.com/bid/14993