CVE-2007-2509

Published: May 9, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

25660

third-party-advisory

x_refsource_SECUNIA

MDKSA-2007:103

vendor-advisory

x_refsource_MANDRIVA

25187

third-party-advisory

x_refsource_SECUNIA

25191

third-party-advisory

x_refsource_SECUNIA

USN-462-1

vendor-advisory

x_refsource_UBUNTU

ADV-2007-2187

vdb-entry

x_refsource_VUPEN

RHSA-2007:0888

vendor-advisory

x_refsource_REDHAT

MDKSA-2007:102

vendor-advisory

x_refsource_MANDRIVA

26048

third-party-advisory

x_refsource_SECUNIA

DSA-1296

vendor-advisory

x_refsource_DEBIAN

RHSA-2007:0355

vendor-advisory

x_refsource_REDHAT

GLSA-200705-19

vendor-advisory

x_refsource_GENTOO

26967

third-party-advisory

x_refsource_SECUNIA

27351

third-party-advisory

x_refsource_SECUNIA

2007-0017

vendor-advisory

x_refsource_TRUSTIX

23818

vdb-entry

x_refsource_BID

23813

vdb-entry

x_refsource_BID

http://us2.php.net/releases/4_4_7.php

x_refsource_CONFIRM

RHSA-2007:0349

vendor-advisory

x_refsource_REDHAT

DSA-1295

vendor-advisory

x_refsource_DEBIAN

25318

third-party-advisory

x_refsource_SECUNIA

php-ftpputcmd-crlf-injection(34413)

vdb-entry

x_refsource_XF

20070323 CRLF injection in PHP ftp function

mailing-list

x_refsource_BUGTRAQ

RHSA-2007:0889

vendor-advisory

x_refsource_REDHAT

http://us2.php.net/releases/5_2_2.php

x_refsource_CONFIRM

25365

third-party-advisory

x_refsource_SECUNIA

2672

third-party-advisory

x_refsource_SREASON

25255

third-party-advisory

x_refsource_SECUNIA

25445

third-party-advisory

x_refsource_SECUNIA

http://support.avaya.com/elmodocs2/security/ASA-2007-231.htm

x_refsource_CONFIRM

25372

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:10839

vdb-entry

signature

x_refsource_OVAL

1018022

vdb-entry

x_refsource_SECTRACK

RHSA-2007:0348

vendor-advisory

x_refsource_REDHAT

SUSE-SA:2007:044

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-2509

Description

Affected Products

References