Vulnerability Details : CVE-2005-2373
Public exploit exists!
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
Vulnerability category: OverflowExecute code
Products affected by CVE-2005-2373
- cpe:2.3:a:whitsoft_development:slimftpd:3.15:*:*:*:*:*:*:*
- cpe:2.3:a:whitsoft_development:slimftpd:3.16:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-2373
7.78%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2005-2373
-
SlimFTPd LIST Concatenation Overflow
Disclosure Date: 2005-07-21First seen: 2020-04-26exploit/windows/ftp/slimftpd_list_concatThis module exploits a stack buffer overflow in the SlimFTPd server. The flaw is triggered when a LIST command is received with an overly-long argument. This vulnerability affects all versions of SlimFTPd prior to 3.16 and was discovered by Raphael Rigo.
CVSS scores for CVE-2005-2373
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2005-2373
Jump to