Vulnerability Details : CVE-2006-2212
Public exploit exists!
Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command.
Vulnerability category: Overflow, Execute code
Exploit prediction scoring system (EPSS) score for CVE-2006-2212
Probability of exploitation activity in the next 30 days: 6.56%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 %
Metasploit modules for CVE-2006-2212
- KarjaSoft Sami FTP Server v2.0.2 USER Overflow
  Disclosure Date: 2006-01-24
  First seen: 2020-04-26
  exploit/windows/ftp/sami_ftpd_user
  This module exploits an unauthenticated stack buffer overflow in KarjaSoft Sami FTP Server version 2.0.2 by sending an overly long USER string during login. The payload is triggered when the administrator opens the application GUI. If the GUI windo
CVSS scores for CVE-2006-2212
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.4 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N | 10.0 | 4.9 | NIST |
References for CVE-2006-2212
- http://securitytracker.com/id?1016031
- http://securityreason.com/securityalert/842
- http://www.securityfocus.com/bid/17835
  Sami FTP Server Unspecified Authentication Buffer Overflow Vulnerability
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26254
- http://www.securityfocus.com/archive/1/432944/100/0/threaded
Products affected by CVE-2006-2212
- cpe:2.3:a:karjasoft:sami_ftp_server:2.0.2:*:*:*:*:*:*:*