Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command. NOTE: it was later reported that 4.70 is also affected. NOTE: the USER vector is already covered by CVE-2005-0634.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/161711/Golden-FTP-Server-4.70-Buffer-Overflow.html | Exploit Third Party Advisory VDB Entry |
http://retrogod.altervista.org/golden_heap.html | Broken Link |
http://secunia.com/advisories/23323 | Third Party Advisory |
http://www.exploit-db.com/exploits/16036 | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/45924 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/45957 | Third Party Advisory VDB Entry |
http://www.vupen.com/english/advisories/2006/4936 | Third Party Advisory |
Configurations
History
16 Mar 2021, 19:23
Type | Values Removed | Values Added |
---|---|---|
References | (BID) http://www.securityfocus.com/bid/45957 - Third Party Advisory, VDB Entry | |
References | (EXPLOIT-DB) http://www.exploit-db.com/exploits/16036 - Exploit, Third Party Advisory, VDB Entry | |
References | (VUPEN) http://www.vupen.com/english/advisories/2006/4936 - Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/161711/Golden-FTP-Server-4.70-Buffer-Overflow.html - Exploit, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/23323 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/45924 - Third Party Advisory, VDB Entry | |
References | (MISC) http://retrogod.altervista.org/golden_heap.html - Broken Link | |
CWE | CWE-787 | |
CPE | cpe:2.3:a:goldenftpserver:golden_ftp_server:1.92:*:*:*:*:*:*:* |
09 Mar 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2006-12-15 19:28
Updated : 2023-12-10 10:40
NVD link : CVE-2006-6576
Mitre link : CVE-2006-6576
CVE.ORG link : CVE-2006-6576
JSON object : View
Products Affected
goldenftpserver
- golden_ftp_server
CWE
CWE-787
Out-of-bounds Write