Published: 19/01/2007 Updated: 29/07/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 655

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Subscribe to Maxum Development Corporation

Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and previous versions (1) allow remote authenticated users to execute arbitrary code via a long LIST command and other unspecified requests to the FTP service, and (2) allow remote malicious users to execute arbitrary code via unspecified requests to the HTTP service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
maxum development corporation rumpus ftp server

#!/usr/bin/ruby # Copyright (c) Lance M Havok <lmh [at] info-pullcom> # Kevin Finisterre <kf_lists [at] digitalmunitioncom> # # Proof of concept for issues described in MOAB-18-01-2007 require 'net/ftp' require 'socket' bugselected = (ARGV[0] || 0)to_i target_host = (ARGV[1] || "localhost") target_user = (ARGV[2] | ...

NVD-CWE-Other http://projects.info-pull.com/moab/MOAB-18-01-2007.html http://secunia.com/advisories/23842 http://osvdb.org/32692 http://osvdb.org/32689 https://exchange.xforce.ibmcloud.com/vulnerabilities/31594 https://nvd.nist.gov https://www.exploit-db.com/exploits/3156/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-0019

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect