CVE-2011-5166

{"id": "CVE-2011-5166", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-09-15T17:55:04.753", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0015.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/45907", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/17819", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/17856", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/17870", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/18089", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/75147", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69557", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de desbordamiento de b\u00fafer basado en pila en KnFTP v1.0.0 que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga en los comandos (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD."}], "lastModified": "2017-08-29T01:30:42.803", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:elif_keir:knftp:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF27C189-FD89-43B4-A1C9-4E617C44C875"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}