Vulnerability Details : CVE-2005-2373
Public exploit exists!
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2005-2373
Probability of exploitation activity in the next 30 days: 13.09%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2005-2373
-
SlimFTPd LIST Concatenation Overflow
Disclosure Date: 2005-07-21First seen: 2020-04-26exploit/windows/ftp/slimftpd_list_concatThis module exploits a stack buffer overflow in the SlimFTPd server. The flaw is triggered when a LIST command is received with an overly-long argument. This vulnerability affects all versions of SlimFTPd prior to 3.16 and was discovered by Raphael Rigo.
CVSS scores for CVE-2005-2373
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2005-2373
Products affected by CVE-2005-2373
- cpe:2.3:a:whitsoft_development:slimftpd:3.15:*:*:*:*:*:*:*
- cpe:2.3:a:whitsoft_development:slimftpd:3.16:*:*:*:*:*:*:*