CVE-2011-5166

Published: Sep 15, 2012

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.

Vendor: n/a
Product: n/a
Versions: n/a (affected)

References

45907 | third-party-advisory | x_refsource_SECUNIA
17856 | exploit | x_refsource_EXPLOIT-DB
18089 | exploit | x_refsource_EXPLOIT-DB
knftpd-multiple-commands-bo(69557) | vdb-entry | x_refsource_XF
75147 | vdb-entry | x_refsource_OSVDB
17819 | exploit | x_refsource_EXPLOIT-DB
17870 | exploit | x_refsource_EXPLOIT-DB
