1. CVE-Search
  2. CVE-2006-2170
ID CVE-2006-2170
Summary Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer.
References
Vulnerable Configurations
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.2.29:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.2.29:*:*:*:*:*:*:*
  • cpe:2.3:a:argosoft:ftp_server:1.4.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:argosoft:ftp_server:1.4.3.5:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 20-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:P
refmap via4
bid 17789
bugtraq
  • 20060502 FTP Fuzzer
  • 20060508 INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities
misc
osvdb 25216
secunia 19934
vupen ADV-2006-1639
xf argosoft-ftp-rnto-bo(26197)
Last major update 20-07-2017 - 01:31
Published 04-05-2006 - 12:38
Last modified 20-07-2017 - 01:31
Back to Top