Vulnerability Details : CVE-2004-0695
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.
Vulnerability category: OverflowExecute code
At least one public exploit which can be used to exploit this vulnerability exists!
Exploit prediction scoring system (EPSS) score for CVE-2004-0695
Probability of exploitation activity in the next 30 days: 87.71%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2004-0695
-
WebSTAR FTP Server USER Overflow
Disclosure Date : 2004-07-13exploit/osx/ftp/webstar_ftp_userThis module exploits a stack buffer overflow in the logging routine of the WebSTAR FTP server. Reliable code execution is obtained by a series of hops through the System library. Authors: - ddz <[email protected]> - hdm <[email protected]>
CVSS scores for CVE-2004-0695
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
[email protected] |
References for CVE-2004-0695
Products affected by CVE-2004-0695
- cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:4d:webstar:5.3.2:*:*:*:*:*:*:*