CVE-2014-4643CVE-2014-4643

Affected configuration(s):

cpe:/a:coreftp:core_ftp:2.2

Date published: 2014-06-25T16:55:07.710-04:00

Date last modified: 2014-06-26T10:30:31.607-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://packetstormsecurity.com/files/127075/Core-FTP-LE-2.2-Heap-Overflow.html

Summary: Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6) CDUP command.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.