CVE-2011-5166
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
Affected products
n/a · n/a
Public PoCs found: 8
cve_reference · www.exploit-db.com/exploits/17819 · unverified
cve_reference · www.exploit-db.com/exploits/17856 · unverified
cve_reference · www.exploit-db.com/exploits/17870 · unverified
cve_reference · www.exploit-db.com/exploits/18089 · unverified
exploitdb · www.exploit-db.com/exploits/17856 · unverified
exploitdb · www.exploit-db.com/exploits/18089 · unverified
exploitdb · www.exploit-db.com/exploits/17870 · unverified
exploitdb · www.exploit-db.com/exploits/17819 · unverified
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://archives.neohapsis.com/archives/bugtraq/2011-09/0015.html
http://secunia.com/advisories/45907
https://exchange.xforce.ibmcloud.com/vulnerabilities/69557
http://www.exploit-db.com/exploits/17819
http://www.exploit-db.com/exploits/17856
http://www.exploit-db.com/exploits/17870
http://www.exploit-db.com/exploits/18089
http://www.osvdb.org/75147