CVE-2011-5166

Published: 15/09/2012 Updated: 29/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 770
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote malicious users to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.

Vulnerable Product

elif keir knftp 1.0.0

Exploits

#module for metasploit framework, for more information #see the Description #Copyright (C) October 04th 2011 #Author: Javier Aguinaga (pasta) eltiopastafrola[at]gmail.com # #This program is free software: you can redistribute it and/or modify #it under the terms of the GNU General Public License as published by #the Free Software Foundation, ei ...
#!/usr/bin/python # tested on windows xp sp3 # overwrites EIP # seh is overwritten with larger payloads # knftpdexe is the only non safeseh module import sys,socket print "\n=====================" print "KnFTP Buffer Overflow" print " Written by Blake " print "=====================\n" if len(sys.argv) !=3: print "[*] Usage: %s <ip> < ...
# Exploit Title: KnFTP 1.0.0 Server - Remote Buffer Overflow Exploit,'USER' command # Date: 19/9/2011 # Author: mrpr0n (@_pr0n_) # Homepage: ghostinthelabwordpresscom/ - s3curegr # Tested on: Windows XP SP3 [En] #!/usr/bin/perl use IO::Socket; # Exploit Title: KnFTP 1.0.0 Server - Remote Buffer Overflow Exploit, 'USER' comma ...
#!/usr/bin/python # Title: KnFTP Server Buffer Overflow Exploit (DoS PoC) # From: The eh?-Team || The Great White Fuzz (we're not sure yet) # Found by: loneferret (kinda) # Bug that made me fuzz this app by Blake: www.exploit-db.com/exploits/17819/ # Date Found: Sept 18th 2011 # Tested on: Windows XP SP2/SP3 Professional (DEP off) # Nod to ...