CVE-2007-1564
CVE-2007-1564
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/29770unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdfhttp://secunia.com/advisories/24889http://secunia.com/advisories/27108http://securitytracker.com/id?1017801https://issues.rpath.com/browse/RPL-1201https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10646http://www.kde.org/info/security/advisory-20070326-1.txthttp://www.mandriva.com/security/advisories?name=MDKSA-2007:072http://www.novell.com/linux/security/advisories/2007_6_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0909.htmlhttp://www.securityfocus.com/bid/23091http://www.ubuntu.com/usn/usn-447-1