CVE-2011-0507

2011-01-2019:00:10

[email protected]

web.nvd.nist.gov

cve-2011-0507

denial of service

ftpservice.exe

blackmoon ftp 3.1

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.1 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.8%

JSON

FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions before 3.1.8.1737, allows remote attackers to cause a denial of service (crash) via a large number of PORT commands with long arguments, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

blackmoonftpserverblackmoon_ftp_serverMatch3.1

blackmoonftpserverblackmoon_ftp_serverMatch3.1.7.1735

blackmoonftpserverblackmoon_ftp_serverMatch3.1.7.1736

CPENameOperatorVersion
blackmoonftpserver:blackmoon_ftp_serverblackmoonftpserver blackmoon ftp servereq3.1
blackmoonftpserver:blackmoon_ftp_serverblackmoonftpserver blackmoon ftp servereq3.1.7.1735
blackmoonftpserver:blackmoon_ftp_serverblackmoonftpserver blackmoon ftp servereq3.1.7.1736

CPE	Name	Operator	Version
blackmoonftpserver:blackmoon_ftp_server	blackmoonftpserver blackmoon ftp server	eq	3.1
blackmoonftpserver:blackmoon_ftp_server	blackmoonftpserver blackmoon ftp server	eq	3.1.7.1735
blackmoonftpserver:blackmoon_ftp_server	blackmoonftpserver blackmoon ftp server	eq	3.1.7.1736