CVE-2007-1082 - FTP Explorer 1.0.1 Build 047, and other versions before 1.0.1.52, allows remote servers to cause a d

CVE-2007-1082

Summary

FTP Explorer 1.0.1 Build 047, and other versions before 1.0.1.52, allows remote servers to cause a denial of service (CPU consumption) via a long response to a PWD command.

References

http://osvdb.org/33496
http://www.attrition.org/pipermail/vim/2007-March/001470.html
http://www.securityfocus.com/bid/22640
https://exchange.xforce.ibmcloud.com/vulnerabilities/32606
https://www.exploit-db.com/exploits/3347

Vulnerable Configurations

cpe:2.3:a:ftpx:ftp_explorer:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ftpx:ftp_explorer:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ftpx:ftp_explorer:1.0.1.47:*:*:*:*:*:*:*
cpe:2.3:a:ftpx:ftp_explorer:1.0.1.47:*:*:*:*:*:*:*

CVSS

Base:	7.1 (as of 11-10-2017 - 01:31)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:C

refmap via4

bid	22640
exploit-db	3347
osvdb	33496
vim	20070324 Vendor ACK for FTPx DoS (CVE-2007-1082)
xf	ftpexplorer-pwd-dos(32606)

Last major update

11-10-2017 - 01:31

Published

22-02-2007 - 23:28

Last modified

11-10-2017 - 01:31