CVSS: 9.3EPSS: 3%CPEs: 14EXPL: 2CVE-2011-5164 – AbsoluteFTP 1.9.6 < 2.2.10 - 'LIST' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-5164
Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 through 2.2.10 allows remote FTP servers to execute arbitrary code via a crafted file name in a LIST command response. Desbordamiento de búfer basado en pila en VanDyke Software AbsoluteFTP v1.9.6 hasta v2.2.10 permite a servidores remotos FTP ejecutar código arbitrario a través del nombre de un fichero en la respuesta de un comando LIST. • https://www.exploit-db.com/exploits/18102 http://secunia.com/advisories/46781 http://www.exploit-db.com/exploits/18102 http://www.osvdb.org/77105 http://www.saintcorporation.com/cgi-bin/exploit_info/vandyke_absoluteftp_list_client_overflow http://www.securityfocus.com/bid/50614 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •