Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 660

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and previous versions allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openftpd openftpd ftp server 0.29.4
openftpd openftpd ftp server 0.30
openftpd openftpd ftp server 0.30.1
openftpd openftpd ftp server

/*********************************************************** * hoagie_openftpdc * LINUX/X86 OPENFTPD REMOTE EXLPOIT (<= 0302) * * " * Searching for those warez ftpd's out there and * leeching 'free' movies * " * * Remote Linux/OpenFTPD exploit for the format string bug * in the message system This vulnerability was rediscovered * by a VOID ...

/* * shouts to mitakeet :D * * exploit for openftpd format string bug tested on most current version only * -infamous42md AT hotpop DOT com is real email * * only tricky part is find a place to stick the shell, as there isn't enough * room to send it with the format string thankfully when using the 'site msg' * commands, all of the arg ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2004-07/0350.html http://archives.neohapsis.com/archives/bugtraq/2004-08/0017.html http://www.openftpd.org:9673/openftpd http://www.securityfocus.com/bid/10830 http://www.osvdb.org/8261 http://securitytracker.com/id?1010823 http://secunia.com/advisories/12174 https://exchange.xforce.ibmcloud.com/vulnerabilities/16843 https://nvd.nist.gov https://www.exploit-db.com/exploits/372/

CVE-2004-2523

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect