Vulnerability Details CVE-2011-5164
Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 through 2.2.10 allows remote FTP servers to execute arbitrary code via a crafted file name in a LIST command response.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.555
EPSS Ranking 97.9%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/46781
- http://www.exploit-db.com/exploits/18102
- http://www.osvdb.org/77105
- http://www.saintcorporation.com/cgi-bin/exploit_info/vandyke_absoluteftp_list_client_overflow
- http://www.securityfocus.com/bid/50614
- http://secunia.com/advisories/46781
- http://www.exploit-db.com/exploits/18102
- http://www.osvdb.org/77105
- http://www.saintcorporation.com/cgi-bin/exploit_info/vandyke_absoluteftp_list_client_overflow
- http://www.securityfocus.com/bid/50614
Products affected by CVE-2011-5164
-
cpe:2.3:a:vandyke:absoluteftp:1.9.6
-
cpe:2.3:a:vandyke:absoluteftp:2.0.3
-
cpe:2.3:a:vandyke:absoluteftp:2.0.4
-
cpe:2.3:a:vandyke:absoluteftp:2.0.5
-
cpe:2.3:a:vandyke:absoluteftp:2.2.1
-
cpe:2.3:a:vandyke:absoluteftp:2.2.10
-
cpe:2.3:a:vandyke:absoluteftp:2.2.2
-
cpe:2.3:a:vandyke:absoluteftp:2.2.3
-
cpe:2.3:a:vandyke:absoluteftp:2.2.4
-
cpe:2.3:a:vandyke:absoluteftp:2.2.5
-
cpe:2.3:a:vandyke:absoluteftp:2.2.6
-
cpe:2.3:a:vandyke:absoluteftp:2.2.7
-
cpe:2.3:a:vandyke:absoluteftp:2.2.8
-
cpe:2.3:a:vandyke:absoluteftp:2.2.9