Detections
Analytics
XM Easy FTP Server USER Command Buffer Overflow
high Nessus Plugin ID 21338
Language:
Synopsis
The remote FTP server is affected by a buffer overflow flaw.Description
The remote host appears to be using XM Easy FTP Server, a personal FTP server for Windows.The version of XM Easy FTP Server installed on the remote host contains a buffer overflow vulnerability that can be exploited by an unauthenticated user with a specially crafted USER command to crash the affected application or execute arbitrary code on the affected host.
Solution
Unknown at this time.See Also
https://www.securityfocus.com/archive/1/432960/30/0/threaded
Plugin Details
Severity: High
ID: 21338
File Name: xm_easy_ftp_user_overflow.nasl
Version: 1.26
Type: remote
Family: FTP
Published: 5/11/2006
Updated: 1/16/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2006-2225
CVSS v3
Risk Factor: High
Base Score: 7.3
Temporal Score: 6.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 5/3/2006
Exploitable With
Core Impact
Reference Information
CVE: CVE-2006-2225
BID: 17836