CVE-2003-1206

Sažetak

Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir.

Reference

http://marc.info/?l=bugtraq&m=106019292611151&w=2
http://secunia.com/advisories/8929
http://www.crob.net/studio/ftpserver/
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-08/0087.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/12834

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:29

Objavljeno

03-06-2003 - 04:00