Vulnerability Details : CVE-2010-0625
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
Vulnerability category: Overflow, Execute code, Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-0625
Probability of exploitation activity in the next 30 days: 30.93%
Percentile, the proportion of vulnerabilities that are scored at or less: ~96%
CVSS scores for CVE-2010-0625
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P | 8.0 | 6.4 | NIST |
CWE ids for CVE-2010-0625
- The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0625
- https://bugzilla.novell.com/show_bug.cgi?id=569496
- http://securitytracker.com/id?1023768
  NetWare FTP Server Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code - SecurityTracker
- http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1
  What fixes are in NWFTPD.NLM v5.10.02, March 9, 2011?
- http://www.securityfocus.com/archive/1/510557/100/0/threaded
  SecurityFocus
- http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=12&Itemid=12
- http://www.securityfocus.com/bid/39041
  Novell Netware FTP Server Multiple Commands Remote Buffer Overflow Vulnerabilities
- http://www.zerodayinitiative.com/advisories/ZDI-10-062
  ZDI-10-062 | Zero Day Initiative
- http://www.securityfocus.com/archive/1/510353/100/0/threaded
  SecurityFocus
- http://www.vupen.com/english/advisories/2010/0742
  Vendor Advisory
Products affected by CVE-2010-0625
- cpe:2.3:o:novell:netware:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:5.1:sp3:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:5.1:sp2a:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.0:sp1:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:5.1:sp4:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.0:sp2:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:5.1:sp6:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp1:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.0:sp3:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp1.1b:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp3:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp5:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp4:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp6:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp7:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:6.5:sp8:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.02r:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.02i:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.01i:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.01o:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.01w:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.01y:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.02b:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.02y:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.05:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.04.25:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.04.20:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.04.8:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.03l:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.04.5:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.03b:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.05.04:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.07:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.06.04:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:novell:netware_ftp_server:5.07.02:*:*:*:*:*:*:*