CVE-2007-1567

Published: 21/03/2007 Updated: 08/03/2011
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows remote malicious users to cause a denial of service or execute arbitrary code via unspecified vectors, as demonstrated by warftp_165.tar by Immunity. NOTE: this might be the same issue as CVE-1999-0256, CVE-2000-0131, or CVE-2006-2171, but due to Immunity's lack of details, this cannot be certain.

Vulnerable Product

war ftp daemon war ftp daemon

Exploits

#!/usr/bin/python # Remote exploit for WarFTP 1.65. Tested on Windows 2000 server SP4 inside # VMware. A trivially exploitable stack overflow is present in WarFTP which # can be triggered by sending a long username (>480 bytes) along with the USER # ftp command. Maybe other commands like PASS might also be affected. I did # not check though. Thi ...
#include <stdio.h> #include <string.h> #include <winsock.h> #define VULNSERVER "WAR-FTPD 165" #define VULNCMD "\x55\x53\x45\x52\x20" #define ZERO '\x00' #define NOP '\x90' #define VULNBUFF 485 #define BUFFREAD 128 #define PORT ...
# =============================================================================================== # WarFTP 1.65 (USER) Remote Buffer Overflow SEH overflow Exploit # By Umesh Wanve # =============================================================================================== # # Date : 15-03-2007 # ...

Github Repositories

CVE-2007-1567 - WarFTP 1.65 'USER' Remote Buffer Overflow Vulnerability. Tested on Windows XP Professional SP3.

CVE-2007-1567

Ivan Ricart Borges - WarFTP is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer.

Buffer Overflow War FTP Daemon - CVE-2007-1567
Type: Unavailable / Other
Severity: High
Publication date: 03/21/2007
Last modified: 03/07/2011
Description: Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors, as demonstrated by warftp_165.tar by Immunity