CVE-2011-10005

Published: Jan 16, 2024Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250716.

Affected (1)

Products: Easyftp Server Project: Easyftp Server

Easyftp Server Project

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Easyftp Server Project Easyftp Server	Version 1.7.0.2

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (6)

https://vuldb.com/?ctiid.250716

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.250716

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://www.exploit-db.com/exploits/17354

Source: cna@vuldb.com

ExploitThird Party AdvisoryVDB Entry

https://vuldb.com/?ctiid.250716

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.250716

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://www.exploit-db.com/exploits/17354

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.