CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-4572

GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based buffer overflow.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.709

EPSS Ranking 98.6%

CVSS Severity

CVSS v2 Score 10.0

References

http://secunia.com/advisories/32218
http://securityreason.com/securityalert/4422
http://www.securityfocus.com/bid/31729
http://www.vupen.com/english/advisories/2008/2794
https://exchange.xforce.ibmcloud.com/vulnerabilities/45818
https://www.exploit-db.com/exploits/6738
http://secunia.com/advisories/32218
http://securityreason.com/securityalert/4422
http://www.securityfocus.com/bid/31729
http://www.vupen.com/english/advisories/2008/2794
https://exchange.xforce.ibmcloud.com/vulnerabilities/45818
https://www.exploit-db.com/exploits/6738

Products affected by CVE-2008-4572

Guildftpd » Guildftpd » Version: 0.999.14

cpe:2.3:a:guildftpd:guildftpd:0.999.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4572

Products

Pricing

Contact Us