Vulnerability Details CVE-2016-5764
Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to corrupt the stack and allow arbitrary code execution. Fixed in: Rumba FTP 4.5 (HF 14668). This can only occur if a client connects to a malicious server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.084
EPSS Ranking 91.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28731.rumba-ftp-4-x-security-update.aspx
- http://www.securityfocus.com/bid/93974
- https://www.exploit-db.com/exploits/40651/
- http://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28731.rumba-ftp-4-x-security-update.aspx
- http://www.securityfocus.com/bid/93974
- https://www.exploit-db.com/exploits/40651/
Products affected by CVE-2016-5764
-
cpe:2.3:a:microfocus:rumba_ftp:4.0
-
cpe:2.3:a:microfocus:rumba_ftp:4.1
-
cpe:2.3:a:microfocus:rumba_ftp:4.2
-
cpe:2.3:a:microfocus:rumba_ftp:4.3
-
cpe:2.3:a:microfocus:rumba_ftp:4.4
-
cpe:2.3:a:microfocus:rumba_ftp:4.5