CVE-2011-5166

EPSS 6.5%

Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.

Affected products

n/a · n/a

public PoCs found — 8

cve_referencewww.exploit-db.com/exploits/17819unverified cve_referencewww.exploit-db.com/exploits/17856unverified cve_referencewww.exploit-db.com/exploits/17870unverified cve_referencewww.exploit-db.com/exploits/18089unverified exploitdbwww.exploit-db.com/exploits/17856unverified exploitdbwww.exploit-db.com/exploits/18089unverified exploitdbwww.exploit-db.com/exploits/17870unverified exploitdbwww.exploit-db.com/exploits/17819unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/bugtraq/2011-09/0015.html http://secunia.com/advisories/45907 https://exchange.xforce.ibmcloud.com/vulnerabilities/69557 http://www.exploit-db.com/exploits/17819 http://www.exploit-db.com/exploits/17856 http://www.exploit-db.com/exploits/17870 http://www.exploit-db.com/exploits/18089 http://www.osvdb.org/75147