Vulnerability Details : CVE-2006-0441
Public exploit exists!
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
Vulnerability category: Overflow, Execute code
Exploit prediction scoring system (EPSS) score for CVE-2006-0441
Probability of exploitation activity in the next 30 days: 38.18%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 %
Metasploit modules for CVE-2006-0441
- KarjaSoft Sami FTP Server v2.0.2 USER Overflow
  Disclosure Date: 2006-01-24
  First seen: 2020-04-26
  exploit/windows/ftp/sami_ftpd_user
  This module exploits an unauthenticated stack buffer overflow in KarjaSoft Sami FTP Server version 2.0.2 by sending an overly long USER string during login. The payload is triggered when the administrator opens the application GUI. If the GUI windo
CVSS scores for CVE-2006-0441
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST |
References for CVE-2006-0441
- http://www.securityfocus.com/bid/16370 (Sami FTP Server User Command Buffer Overflow Vulnerability; Exploit)
- http://www.vupen.com/english/advisories/2006/0317
- https://www.exploit-db.com/exploits/40675/
- http://www.karjasoft.com/samiftp/news
- http://www.critical.lt/?vulnerabilities/208 (Exploit; Vendor Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24325
- http://www.securityfocus.com/archive/1/423148/100/0/threaded
- http://downloads.securityfocus.com/vulnerabilities/exploits/sami_ftp_poc.pl
Products affected by CVE-2006-0441
- cpe:2.3:a:karjasoft:sami_ftp_server:2.0.1:*:*:*:*:*:*:*