Vulnerability Details CVE-2006-2180
Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.2
EPSS Ranking 95.2%
CVSS Severity
CVSS v2 Score 6.4
References
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html
- http://marc.info/?l=bugtraq&m=114658586018818&w=2
- http://secunia.com/advisories/19917
- http://www.infigo.hr/en/in_focus/tools
- http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03
- http://www.osvdb.org/25217
- http://www.securityfocus.com/bid/17801
- http://www.vupen.com/english/advisories/2006/1640
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26195
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html
- http://marc.info/?l=bugtraq&m=114658586018818&w=2
- http://secunia.com/advisories/19917
- http://www.infigo.hr/en/in_focus/tools
- http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03
- http://www.osvdb.org/25217
- http://www.securityfocus.com/bid/17801
- http://www.vupen.com/english/advisories/2006/1640
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26195
Products affected by CVE-2006-2180
-
cpe:2.3:a:kmint21_software:golden_ftp_server:1.32b
-
cpe:2.3:a:kmint21_software:golden_ftp_server:2.70