Lucene search

MitreCVE-2009-5141

HistoryApr 01, 2014 - 3:24 a.m.

CVE-2009-5141

2014-04-0103:24:55

CWE-134

mitre

web.nvd.nist.gov

cve-2009-5141

format string vulnerability

war ftp daemon

warftpd 1.82 rc 12

remote authenticated users

denial of service

crash

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.4

Confidence

Low

EPSS

0.08

Percentile

94.4%

JSON

Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command.

Affected configurations

Nvd

Node

jgaawarftpdMatch1.8.2rc12

VendorProductVersionCPE
jgaawarftpd1.8.2cpe:2.3:a:jgaa:warftpd:1.8.2:rc12:*:*:*:*:*:*

Vendor	Product	Version	CPE
jgaa	warftpd	1.8.2	cpe:2.3:a:jgaa:warftpd:1.8.2:rc12::::::

References

archives.neohapsis.com/archives/bugtraq/2009-09/0105.html

www.exploit-db.com/exploits/9622

www.osvdb.org/62599

www.warftp.org/index.php?menu=338&cmd=show_article&article_id=1003

www.corelan.be/index.php/forum/security-advisories-archive-2009/corelan-09001-warftpd-1-82-rc12-dos/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.4

Confidence

Low

EPSS

0.08

Percentile

94.4%

JSON

Related for CVE-2009-5141