CVE-2006-5815

Sažetak

Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."

Reference

http://bugs.proftpd.org/show_bug.cgi?id=2858
http://gleg.net/vulndisco_meta.shtml
http://secunia.com/advisories/22803
http://secunia.com/advisories/22821
http://secunia.com/advisories/23000
http://secunia.com/advisories/23069
http://secunia.com/advisories/23125
http://secunia.com/advisories/23174
http://secunia.com/advisories/23179
http://secunia.com/advisories/23184
http://secunia.com/advisories/23207
http://securitytracker.com/id?1017167
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491
http://www.debian.org/security/2006/dsa-1222
http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:217
http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.035-proftpd.html
http://www.securityfocus.com/archive/1/452760/100/200/threaded
http://www.securityfocus.com/bid/20992
http://www.trustix.org/errata/2006/0066/
http://www.trustix.org/errata/2006/0070
http://www.vupen.com/english/advisories/2006/4451
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820
https://exchange.xforce.ibmcloud.com/vulnerabilities/30147

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

17-10-2018 - 21:45

Objavljeno

08-11-2006 - 23:07