Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-1666

Published: 18/05/2005 Updated: 11/07/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 760
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Orenosv Http Ftp Server

Vulnerability Summary

Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the (1) ftp_xlate_path, (2) ftp_is_canonical, or (3) os_fn_nativize functions, or (4) a long SSI command that is processed by the parse_cmd function in cgissi.exe.

Vulnerable Product Search on Vulmon Subscribe to Product

orenosv orenosv http ftp server

Exploits

Exploit DB: Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow
source: wwwsecurityfocuscom/bid/13546/info The FTP server shipped with Orenosv HTTP/FTP is prone to a remote buffer-overflow vulnerability This issue presents itself when the application handles excessive values supplied as filenames through various FTP commands A successful attack may corrupt memory, cause a denial of service, or exe ...
Exploit DB: Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow (PoC)
source: wwwsecurityfocuscom/bid/13549/info Orenosv HTTP/FTP server is prone to a remote buffer overflow vulnerability that affects 'cgissiexe' This issue presents itself when the application handles excessive values supplied through an SSI command name A successful attack can result in memory corruption and can be leveraged to cause ...

References

NVD-CWE-Otherhttp://www.security.org.sg/vuln/orenosv081.htmlhttp://www.securiteam.com/windowsntfocus/5FP0H00FPS.htmlhttp://hp.vector.co.jp/authors/VA027031/orenosv/index_en.htmlhttp://www.securityfocus.com/bid/13546http://www.securityfocus.com/bid/13549http://www.osvdb.org/16165http://www.osvdb.org/16166http://securitytracker.com/id?1013923http://secunia.com/advisories/15302http://www.vupen.com/english/advisories/2005/0499https://exchange.xforce.ibmcloud.com/vulnerabilities/20512https://exchange.xforce.ibmcloud.com/vulnerabilities/20510https://nvd.nist.govhttps://www.exploit-db.com/exploits/25629/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook