CVE-2005-3467

EPSS 2.04%
Veröffentlicht 02.11.2005 23:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon.  NOTE: it is not clear whether items (2) and above are vulnerabilities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Solarwinds ≫ Serv-u File Server Version <= 6.1.0.1

Solarwinds ≫ Serv-u File Server Version3.0.0.16

Solarwinds ≫ Serv-u File Server Version3.0.0.17

Solarwinds ≫ Serv-u File Server Version3.1.0.0

Solarwinds ≫ Serv-u File Server Version3.1.0.1

Solarwinds ≫ Serv-u File Server Version3.1.0.3

Solarwinds ≫ Serv-u File Server Version4.0.0.4

Solarwinds ≫ Serv-u File Server Version4.1.0.0

Solarwinds ≫ Serv-u File Server Version4.1.0.3

Solarwinds ≫ Serv-u File Server Version5.0.0.0

Solarwinds ≫ Serv-u File Server Version5.0.0.4

Solarwinds ≫ Serv-u File Server Version5.0.0.9

Solarwinds ≫ Serv-u File Server Version5.0.0.11

Solarwinds ≫ Serv-u File Server Version5.1.0.0

Solarwinds ≫ Serv-u File Server Version5.2.0.0

Solarwinds ≫ Serv-u File Server Version5.2.0.1

Solarwinds ≫ Serv-u File Server Version6.0.0.0

Solarwinds ≫ Serv-u File Server Version6.0.0.1

Solarwinds ≫ Serv-u File Server Version6.0.0.2

Solarwinds ≫ Serv-u File Server Version6.1.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.04%	0.822

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/17409

Patch

Vendor Advisory

http://securitytracker.com/id?1015151

http://www.securityfocus.com/bid/15273

http://www.serv-u.com/releasenotes.asp

http://www.vupen.com/english/advisories/2005/2267

https://nvd.nist.gov/vuln/detail/CVE-2005-3467

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3467

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3467

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2005-3467