CVE-2005-1666
published 2005-05-18CVE-2005-1666: Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute…
PriorityP337high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
9.97%
95.0th percentile
Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the (1) ftp_xlate_path, (2) ftp_is_canonical, or (3) os_fn_nativize functions, or (4) a long SSI command that is processed by the parse_cmd function in cgissi.exe.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| orenosv | orenosv_http_ftp_server | <= 0.8.1 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow
exploitdb·2008-05-08
CVE-2005-1666 Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow
Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow
---
source: https://www.securityfocus.com/bid/13546/info
The FTP server shipped with Orenosv HTTP/FTP is prone to a remote buffer-overflow vulnerability.
This issue presents itself when the application handles excessive values supplied as filenames through various FTP commands.
A successful attack may corrupt memory, cause a denial of service, or execute arbitrary code.
Orenosv HTTP/FTP Server 0.8.1 is reportedly vulnerable; other versions may be affected as well.
#!/usr/bin/perl
use IO::Socket;
$target = shift || useage ();
$port = shift || useage ();
$user = shift || useage ();
$pass = shift || useage ();
print"[*] Connecting to $target on port $port\n";
my $sock = IO::Socket::INET -> new
(
Proto => 'tcp',
PeerA
Exploit-DB
Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow (PoC)
exploitdb·2005-05-09
CVE-2005-1666 Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow (PoC)
Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow (PoC)
---
source: https://www.securityfocus.com/bid/13549/info
Orenosv HTTP/FTP server is prone to a remote buffer overflow vulnerability that affects 'cgissi.exe'.
This issue presents itself when the application handles excessive values supplied through an SSI command name.
A successful attack can result in memory corruption and can be leveraged to cause a denial of service condition or arbitrary code execution. Arbitrary code execution can result in a remote compromise in the context of the server.
Orenosv HTTP/FTP Server 0.8.1 is reportedly vulnerable, however, other versions may be affected as well.
Approx. 120 bytes of aaaaaa...
No writeups or analysis indexed.
http://hp.vector.co.jp/authors/VA027031/orenosv/index_en.htmlhttp://secunia.com/advisories/15302http://securitytracker.com/id?1013923http://www.osvdb.org/16165http://www.osvdb.org/16166http://www.securiteam.com/windowsntfocus/5FP0H00FPS.htmlhttp://www.security.org.sg/vuln/orenosv081.htmlhttp://www.securityfocus.com/bid/13546http://www.securityfocus.com/bid/13549http://www.vupen.com/english/advisories/2005/0499https://exchange.xforce.ibmcloud.com/vulnerabilities/20510https://exchange.xforce.ibmcloud.com/vulnerabilities/20512http://hp.vector.co.jp/authors/VA027031/orenosv/index_en.htmlhttp://secunia.com/advisories/15302http://securitytracker.com/id?1013923http://www.osvdb.org/16165http://www.osvdb.org/16166http://www.securiteam.com/windowsntfocus/5FP0H00FPS.htmlhttp://www.security.org.sg/vuln/orenosv081.htmlhttp://www.securityfocus.com/bid/13546http://www.securityfocus.com/bid/13549http://www.vupen.com/english/advisories/2005/0499https://exchange.xforce.ibmcloud.com/vulnerabilities/20510https://exchange.xforce.ibmcloud.com/vulnerabilities/20512
2005-05-18
Published