CVE-2005-2373
published 2005-07-26CVE-2005-2373: Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3)…
PriorityP345high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
45.75%
98.6th percentile
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| whitsoft_development | slimftpd | — | — |
| whitsoft_development | slimftpd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
SlimFTPd - 'LIST' Concatenation Overflow (Metasploit)
exploitdb·2010-10-05
CVE-2005-2373 SlimFTPd - 'LIST' Concatenation Overflow (Metasploit)
SlimFTPd - 'LIST' Concatenation Overflow (Metasploit)
---
##
# $Id: slimftpd_list_concat.rb 10559 2010-10-05 23:41:17Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'SlimFTPd LIST Concatenation Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in the SlimFTPd
server. The flaw is triggered when a LIST command is
received with an overly-long argument. This vulnerability
affects all versions of SlimFTPd prior to 3.16 and was
discovered by Raphael Rigo.
},
'Author' => [ 'Fairuzan Roslan ' ],
'License' => BSD_
Exploit-DB
Microsoft Windows - NtClose DeadLock (MS06-030)
exploitdb·2006-06-14
CVE-2006-2373 Microsoft Windows - NtClose DeadLock (MS06-030)
Microsoft Windows - NtClose DeadLock (MS06-030)
---
////////////////////////////////////////////////////////////////////////////////
///////// MRXSMB.SYS NtClose DEADLOCK exploit///////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
//November 19,2005
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
//ONLY FOR EDUCATION PURPOSES
////////////////////////////////////////////////////////////////////////////////
// Rubén Santamarta
// ruben (at) reversemode (dot) com
// http://www.reversemode.com
////////////////////////////////////////////////////////////////////////////////
#include
#include
#define MAGIC_IOCTL 0x1
Metasploit
SlimFTPd LIST Concatenation Overflow
metasploit
SlimFTPd LIST Concatenation Overflow
SlimFTPd LIST Concatenation Overflow
This module exploits a stack buffer overflow in the SlimFTPd server. The flaw is triggered when a LIST command is received with an overly-long argument. This vulnerability affects all versions of SlimFTPd prior to 3.16 and was discovered by Raphael Rigo.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=112196537312610&w=2http://secunia.com/advisories/16177http://securitytracker.com/id?1014542http://www.whitsoftdev.com/slimftpd/http://marc.info/?l=bugtraq&m=112196537312610&w=2http://secunia.com/advisories/16177http://securitytracker.com/id?1014542http://www.whitsoftdev.com/slimftpd/
2005-07-26
Published