漏洞信息详情
Code-Crafters Ability Server FTP STOR和APPE参数远程缓冲区溢出漏洞
- CNNVD编号:CNNVD-200410-087
- 危害等级: 低危
- CVE编号: CVE-2004-1626
- 漏洞类型: 缓冲区溢出
- 发布时间: 2004-10-22
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: code-crafters
- 漏洞来源: Exploit code was p...
漏洞简介
Ability Server 2.34版本及其他可能的版本中存在缓冲区溢出漏洞。远程攻击者可以借助超长的STOR命令执行任意代码。
漏洞公告
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
参考网址
来源:US-CERT Vulnerability Note: VU#857846 名称: VU#857846 链接:http://www.kb.cert.org/vuls/id/857846 来源: XF 名称: abilityftpserver-stor-dos(17823) 链接:http://xforce.iss.net/xforce/xfdb/17823 来源: BID 名称: 11508 链接:http://www.securityfocus.com/bid/11508 来源: OSVDB 名称: 11030 链接:http://www.osvdb.org/11030 来源: SECUNIA 名称: 12941 链接:http://secunia.com/advisories/12941 来源: BUGTRAQ 名称: 20041022 Ability FTP Server 2.34 Buffer Overflow Exploit 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=109850947508816&w=2
受影响实体
- Code-Crafters Ability_server:2.3.4
- Code-Crafters Ability_server:2.3.2
- Code-Crafters Ability_server:2.2.5
补丁
暂无
评论