ID CVE-2006-0441
Summary Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
References
Vulnerable Configurations
  • cpe:2.3:a:karjasoft:sami_ftp_server:2.0.1
CVSS
Base: 7.5 (as of 26-01-2006 - 22:45)
Impact:
Exploitability:
Access
    Vector NETWORK
    Complexity LOW
    Authentication NONE
Impact
    Confidentiality PARTIAL
    Integrity PARTIAL
    Availability PARTIAL
exploit-db via4
  • description KarjaSoft Sami FTP Server v2.02 USER Overflow. CVE-2006-0441,CVE-2006-2212. Remote exploit for windows platform
    id EDB-ID:16702
    last seen 2016-02-02
    modified 2010-04-30
    published 2010-04-30
    reporter metasploit
    source https://www.exploit-db.com/download/16702/
    title KarjaSoft Sami FTP Server 2.02 - USER Overflow
  • description Sami FTP Server 2.0.1 Remote Buffer Overflow Exploit (cpp). CVE-2006-0441. Remote exploit for windows platform
    id EDB-ID:1462
    last seen 2016-01-31
    modified 2006-01-31
    published 2006-01-31
    reporter HolyGhost
    source https://www.exploit-db.com/download/1462/
    title Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit cpp
  • description Sami FTP Server 2.0.2 (USER/PASS) Remote Buffer Overflow Exploit. CVE-2006-0441. Remote exploit for windows platform
    id EDB-ID:3140
    last seen 2016-01-31
    modified 2007-01-17
    published 2007-01-17
    reporter UmZ
    source https://www.exploit-db.com/download/3140/
    title Sami FTP Server 2.0.2 USER/PASS Remote Buffer Overflow Exploit
  • description Sami FTP Server 2.0.2 (USER/PASS) Remote Buffer Overflow PoC. CVE-2006-0441. Dos exploit for windows platform
    id EDB-ID:3127
    last seen 2016-01-31
    modified 2007-01-14
    published 2007-01-14
    reporter Marsu
    source https://www.exploit-db.com/download/3127/
    title Sami FTP Server 2.0.2 USER/PASS Remote Buffer Overflow PoC
  • description Sami FTP Server 2.0.1 Remote Stack Based Buffer Overflow PoC. CVE-2006-0441. Remote exploit for windows platform
    id EDB-ID:1448
    last seen 2016-01-31
    modified 2006-01-25
    published 2006-01-25
    reporter Critical Security
    source https://www.exploit-db.com/download/1448/
    title Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow PoC
  • description KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (SEH). CVE-2006-0441. Remote exploit for Windows platform
    file exploits/windows/remote/40675.py
    id EDB-ID:40675
    last seen 2016-11-01
    modified 2016-11-01
    platform windows
    port
    published 2016-11-01
    reporter n30m1nd
    source https://www.exploit-db.com/download/40675/
    title KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (SEH)
    type remote
metasploit via4
description This module exploits the KarjaSoft Sami FTP Server version 2.02 by sending an excessively long USER string. The stack is overwritten when the administrator attempts to view the FTP logs. Therefore, this exploit is passive and requires end-user interaction. Keep this in mind when selecting payloads. When the server is restarted, it will re-execute the exploit until the logfile is manually deleted via the file system.
id MSF:EXPLOIT/WINDOWS/FTP/SAMI_FTPD_USER
last seen 2019-02-24
modified 2017-11-08
published 2008-03-17
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/sami_ftpd_user.rb
title KarjaSoft Sami FTP Server v2.02 USER Overflow
packetstorm via4
refmap via4
bid 16370
bugtraq 20060124 SamiFTPd buffer overflow
confirm http://www.karjasoft.com/samiftp/news
exploit-db 40675
misc
secunia 18574
vupen ADV-2006-0317
xf samiftpserver-user-bo(24325)
Last major update 07-03-2011 - 21:30
Published 26-01-2006 - 17:03
Last modified 19-10-2018 - 11:44