CVE-2007-0201 - Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet Firewall Toolkit (FWTK) allows rem

CVE-2007-0201

Summary

Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet Firewall Toolkit (FWTK) allows remote attackers to execute arbitrary code via a long destination hostname (dest).

References

http://osvdb.org/35967
http://securitytracker.com/id?1017481
http://www.ranum.com/security/computer_security/editorials/codetools/
http://www.securityfocus.com/bid/21960
https://exchange.xforce.ibmcloud.com/vulnerabilities/31363

Vulnerable Configurations

cpe:2.3:a:tis:internet_firewall_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:tis:internet_firewall_toolkit:*:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 29-07-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	21960
misc	http://www.ranum.com/security/computer_security/editorials/codetools/
osvdb	35967
sectrack	1017481
xf	tisfwtk-ftpgw-bo(31363)

Last major update

29-07-2017 - 01:30

Published

11-01-2007 - 11:28

Last modified

29-07-2017 - 01:30