Lucene search

MitreCVE-2005-1371

HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1371

2005-05-0304:00:00

mitre

web.nvd.nist.gov

cve-2005-1371

bpftpserver

bulletproof ftp server

privilege escalation

local exploit

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

Percentile

0.4%

JSON

BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges.

Affected configurations

Nvd

Node

bulletproofbulletproof_ftp_serverMatch2.4.0.31

VendorProductVersionCPE
bulletproofbulletproof_ftp_server2.4.0.31cpe:2.3:a:bulletproof:bulletproof_ftp_server:2.4.0.31:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bulletproof	bulletproof_ftp_server	2.4.0.31	cpe:2.3:a:bulletproof:bulletproof_ftp_server:2.4.0.31:::::::*

References

marc.info/?l=bugtraq&m=111464474828477&w=2

secunia.com/advisories/15152

www.osvdb.org/15898

www.securityfocus.com/bid/13410

www.vupen.com/english/advisories/2005/0419

exchange.xforce.ibmcloud.com/vulnerabilities/20301

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2005-1371