Vulnerability Details CVE-2002-1244
Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.033
EPSS Ranking 86.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0057.html
- http://marc.info/?l=bugtraq&m=103642642802889&w=2
- http://www.iss.net/security_center/static/10532.php
- http://www.osvdb.org/4996
- http://www.pablovandermeer.nl/ftpserver.zip
- http://www.securityfocus.com/bid/6099
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0057.html
- http://marc.info/?l=bugtraq&m=103642642802889&w=2
- http://www.iss.net/security_center/static/10532.php
- http://www.osvdb.org/4996
- http://www.pablovandermeer.nl/ftpserver.zip
- http://www.securityfocus.com/bid/6099
Products affected by CVE-2002-1244
-
cpe:2.3:a:pablo_software_solutions:pablo_ftp_server:1.0
-
cpe:2.3:a:pablo_software_solutions:pablo_ftp_server:1.2
-
cpe:2.3:a:pablo_software_solutions:pablo_ftp_server:1.3
-
cpe:2.3:a:pablo_software_solutions:pablo_ftp_server:1.5