|
|
CVE Reference: CVE-2005-1666 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-1666 |
|
|
Description: Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the (1) ftp_xlate_path, (2) ftp_is_canonical, or (3) os_fn_nativize functions, or (4) a long SSI command that is processed by the parse_cmd function in cgissi.exe. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/20510 http://xforce.iss.net/xforce/xfdb/20512 ST 1013923 SAID Secunia Advisory: SA15302 OSVDB 16165 16166 MISC http://www.securiteam.com/windowsntfocus/5FP0H00FPS.html http://www.security.org.sg/vuln/orenosv081.html CONFIRM http://hp.vector.co.jp/authors/VA027031/orenosv/index_en.html BID 13546 13549 |
|
| Return to the previous page. |
