CVEブラウザに戻る

CVE-2006-5826

MEDIUM

5.8

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile0.87th

Published2006年11月10日

Last Modified2026年4月23日

Vulnerability Description

Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE commands that contain "/" (slash) or "\" (backslash) characters.

Affected Platforms (CPE)

📦

Texas Imperial Software

Wftpd

= 3.23.1.1

References & Advisories

🔗 http://marc.info/?l=full-disclosure&m=116289234522958&w=2

🔗 http://marc.info/?l=full-disclosure&m=116295408114746&w=2

🔗 http://securityreason.com/securityalert/1837

🔗 http://securitytracker.com/id?1017173

🔗 http://www.securityfocus.com/archive/1/450851/100/0/threaded

🔗 http://www.securityfocus.com/bid/20942

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30079

🔗 https://www.exploit-db.com/exploits/2734

関連する脆弱性情報

CVE-1999-095010.0

Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create n...

CVE-2001-029610.0

Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command.

CVE-2001-13867.5

WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypa...

CVE-2001-06947.5

Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD...