CVE-2002-0768Improper Restriction of Operations within the Bounds of a Memory Buffer in Mewburn Lukemftp

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
1.5%
top 18.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Luke Mewburn LukemftpSuse Linux
Timeline
PublishedAug 12
Latest updateApr 30

Description

Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDsuse/suse_linux6 versions+5

Patches

Patch: www.iss.netPatch: www.iss.net

🔴Vulnerability Details

2
GHSA
GHSA-5vc6-454c-fp4p: Buffer overflow in lukemftp FTP client in SuSE 62022-04-30
CVEList
CVE-2002-0768: Buffer overflow in lukemftp FTP client in SuSE 62003-04-02
CVE-2002-0768 — Luke Mewburn Lukemftp vulnerability | cvebase