Lucene search

MitreCVE-2007-0020

HistoryJan 24, 2007 - 1:28 a.m.

CVE-2007-0020

2007-01-2401:28:00

mitre

web.nvd.nist.gov

cve-2007-0020

panic transmit

sftp

buffer overflow

remote code execution

url

security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.229

Percentile

96.6%

JSON

Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL.

Affected configurations

Nvd

Node

panic_transmitpanic_transmitRange≤3.5.5

VendorProductVersionCPE
panic_transmitpanic_transmit*cpe:2.3:a:panic_transmit:panic_transmit:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
panic_transmit	panic_transmit	*	cpe:2.3:a:panic_transmit:panic_transmit::::::::

References

osvdb.org/32694

projects.info-pull.com/moab/MOAB-19-01-2007.html

secunia.com/advisories/23861

www.securityfocus.com/bid/22145

www.vupen.com/english/advisories/2007/0273

exchange.xforce.ibmcloud.com/vulnerabilities/31673

www.exploit-db.com/exploits/3160

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.229

Percentile

96.6%

JSON

Related for CVE-2007-0020