漏洞标题
N/A
漏洞描述信息
"KnFTP 1.0.0中的多个基于栈的缓冲区溢出允许远程攻击者通过长字符串执行任意代码,以(1)用户名,(2)密码,(3) Rinn,(4) QUIT,(5) 端口,(6) PASV,(7) 类型,(8) STRU,(9) 模式,(10) RETR,(11) STOR,(12) APPE,(13) ALLO,(14) REST,(15) RNFR,(16) RNTO,(17) ABOR,(18) DELE,(19) CWD,(20) LIST,(21) NLST,(22) SITE,(23) STST,(24) Help,(25) NOOP,(26) MKD,(27) RMD,(28) PWD,(29) CDUP,(30) STOU,(31) SNMT,(32) SYST,和(33) XPWD命令进行远程攻击。"
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
KnFTP 多个基于栈的缓冲区溢出漏洞
漏洞描述信息
KnFTP 1.0.0版本中存在多个基于栈的缓冲区溢出漏洞。远程攻击者可利用这些漏洞通过(1)USER,(2)PASS,(3)REIN,(4)QUIT,(5)PORT,(6)PASV,(7)TYPE,(8)STRU,(9)MODE,10)RETR,(11)STOR,(12)APPE,(13)ALLO,(14)REST,(15)RNFR,(16)RNTO,(17)ABOR,(18)DELE,(19)CWD,(20)LIST,(21)NLST,(22)SITE,(23)STST,(24)HELP,(25)NO
CVSS信息
N/A
漏洞类别
授权问题