Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2170

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2170
Last Modified 07 Mar 2011 09:35:28
Published 04 May 2006 08:38:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2170

Summary

Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer.

Vulnerable Systems

Application

  • Argosoft Ftp Server 1.4.1.1

  • Argosoft Ftp Server 1.4.1.2

  • Argosoft Ftp Server 1.4.1.3

  • Argosoft Ftp Server 1.4.1.4

  • Argosoft Ftp Server 1.4.1.5

  • Argosoft Ftp Server 1.4.1.6

  • Argosoft Ftp Server 1.4.1.7

  • Argosoft Ftp Server 1.4.1.8

  • Argosoft Ftp Server 1.4.1.9

  • Argosoft Ftp Server 1.4.2

  • Argosoft Ftp Server 1.4.2.1

  • Argosoft Ftp Server 1.4.2.2

  • Argosoft Ftp Server 1.4.2.29

  • Argosoft Ftp Server 1.4.2.7

  • Argosoft Ftp Server 1.4.2.8

  • Argosoft Ftp Server 1.4.3.5


References

XF - argosoft-ftp-rnto-bo(26197)

VUPEN - ADV-2006-1639

BID - 17789

OSVDB - 25216

MISC - http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03

MISC - http://www.infigo.hr/en/in_focus/tools

SECUNIA - 19934

BUGTRAQ - 20060502 FTP Fuzzer

BUGTRAQ - 20060508 INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities


Last Updated: 27 May 2016 10:42:22