Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3768

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-3768
Last Modified 07 Mar 2011 09:39:25
Published 28 Jul 2006 07:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3768

Summary

Integer underflow in filecpnt.exe in FileCOPA FTP Server 1.01 before 2006-07-21 allow remote authenticated users to execute arbitrary code via a long argument to the (1) CWD, (2) DELE, (3) MDTM, and (4) MKD commands, which triggers a stack-based buffer overflow.

Vulnerable Systems

Application

  • Intervations Filecopa 1.01


References

CERT-VN - VU#713092

BID - 19153

BUGTRAQ - 20060725 Secunia Research: FileCOPA Directory Argument Handling BufferOverflow

SECUNIA - 21097

XF - filecopa-ftp-dir-bo(27941)

VUPEN - ADV-2006-2960

MISC - http://secunia.com/secunia_research/2006-55/advisory/

OSVDB - 27486

CONFIRM - http://www.kb.cert.org/vuls/id/RGII-6TYN6M

SREASON - 1300


Last Updated: 27 May 2016 10:43:06