Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Gain root remotely >> XM Easy FTP Server USER Command Buffer Overflow Vulnerability


Vulnerability Assessment Details

XM Easy FTP Server USER Command Buffer Overflow Vulnerability

Vulnerability Assessment Summary
Checks for USER command buffer overflow vulnerability in XM Easy FTP Server

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote FTP server is affected by a buffer overflow flaw.

Description :

The remote host appears to be using XM Easy FTP Server, a personal FTP
server for Windows.

The version of XM Easy FTP Server installed on the remote host
contains a buffer overflow vulnerability that can be exploited by an
unauthenticated user with a specially-crafted USER command to crash
the affected application or execute arbitrary code on the affected
host.

See also :

http://www.securityfocus.com/archive/1/432960/30/0/threaded

Solution :

Unknown at this time.

Network Security Threat Level:

High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)

Networks Security ID: 17836

Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security

Cables, Connectors


HPE ProLiant BL460c Gen8 735151-B21 E5-v2 Blade Server LOADED w 512 GIGS MEMORY picture

HPE ProLiant BL460c Gen8 735151-B21 E5-v2 Blade Server LOADED w 512 GIGS MEMORY

$280.00



Dell PowerEdge FX2S FC830 Blade Server Chassis Enclosure 2*2000W PSU NO BLADES picture

Dell PowerEdge FX2S FC830 Blade Server Chassis Enclosure 2*2000W PSU NO BLADES

$239.99



Dell PowerEdge M620  Blade Server 64GB RAM - NO HARD DRIVES picture

Dell PowerEdge M620 Blade Server 64GB RAM - NO HARD DRIVES

$59.99



Cisco UCS B200 M3 Blade Server/ 2x Intel Xeon E5-2650 SR0KQ / 32GB RAM/ NO HDD picture

Cisco UCS B200 M3 Blade Server/ 2x Intel Xeon E5-2650 SR0KQ / 32GB RAM/ NO HDD

$34.99



Barebones Dell PowerEdge FC640 Blade Server No CPU/RAM/HDDs picture

Barebones Dell PowerEdge FC640 Blade Server No CPU/RAM/HDDs

$129.99



Sun Microsystems Blade 100 Workstation UltraSPARC-IIe 500MHz 256MB Server No HDD picture

Sun Microsystems Blade 100 Workstation UltraSPARC-IIe 500MHz 256MB Server No HDD

$69.99



Cisco - UCSB-5108-AC2 V03 Blade Server Chassis picture

Cisco - UCSB-5108-AC2 V03 Blade Server Chassis

$299.99



HP ProLiant BL460c G8 Blade Server (2 PROC)/NO RAM/NO HDD picture

HP ProLiant BL460c G8 Blade Server (2 PROC)/NO RAM/NO HDD

$75.00



Dell PowerEdge M620 0F9HJC Blade Server 2*E5-2670 2.60GHz 192GB RAM 2*300GB SAS picture

Dell PowerEdge M620 0F9HJC Blade Server 2*E5-2670 2.60GHz 192GB RAM 2*300GB SAS

$64.99



7x Cisco N20-C6508 UCS 5108 Blade Server Chassis w/8xFans N20 Fan5 No blades picture

7x Cisco N20-C6508 UCS 5108 Blade Server Chassis w/8xFans N20 Fan5 No blades

$117.95



Discussions

No Discussions have been posted on this vulnerability.