Vulnerability Details : CVE-2006-0441
Public exploit exists!
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2006-0441
- cpe:2.3:a:karjasoft:sami_ftp_server:2.0.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-0441
81.13%
Probability of exploitation activity in the next 30 days
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2006-0441
- KarjaSoft Sami FTP Server v2.0.2 USER Overflow
  Disclosure Date: 2006-01-24
  First seen: 2020-04-26
  exploit/windows/ftp/sami_ftpd_user
  This module exploits an unauthenticated stack buffer overflow in KarjaSoft Sami FTP Server version 2.0.2 by sending an overly long USER string during login. The payload is triggered when the administrator opens the application GUI. If the GUI windo
CVSS scores for CVE-2006-0441
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
References for CVE-2006-0441
- http://secunia.com/advisories/18574
  Vendor Advisory
- http://www.securityfocus.com/bid/16370
  Sami FTP Server User Command Buffer Overflow Vulnerability; Exploit
- http://www.vupen.com/english/advisories/2006/0317
- https://www.exploit-db.com/exploits/40675/
- http://www.karjasoft.com/samiftp/news
- http://www.critical.lt/?vulnerabilities/208
  Exploit; Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24325
- http://www.securityfocus.com/archive/1/423148/100/0/threaded
- http://downloads.securityfocus.com/vulnerabilities/exploits/sami_ftp_poc.pl