CVE-2008-5106
published 2008-11-17CVE-2008-5106: Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via…
PriorityP348critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
12.59%
95.7th percentile
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console. NOTE: this may overlap CVE-2006-0441 and CVE-2006-2212.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| karjasoft | sami_ftp_server | — | — |
| karjasoft | sami_ftp_server | — | — |
| karjasoft | sami_ftp_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect abnormally long FTP LIST command arguments sent to Sami FTP Server 2.0.x, indicative of a buffer overflow attempt. ↗
- →Monitor for the presence and modification of the SamyFtp.binlog log file, as viewing it in the management console triggers the overflow. ↗
- →The exploit requires the attacker's source IP address to be resolvable or known; monitor for FTP connections from unexpected or external IPs followed by LIST commands with oversized arguments. ↗
- ·Exploitation requires the victim to be actively viewing the 'Log' tab in the Sami FTP Server management console at the time of the attack; the overflow is triggered on log view, not purely on receipt of the malicious command. ↗
- ·This CVE may overlap with CVE-2006-0441 and CVE-2006-2212; deduplication of alerts across these CVEs is recommended. ↗
- ·Confirmed tested only on Sami FTP Server 2.0.1 on Windows XP SP3; behavior on other versions or OS configurations is unverified. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2008-11-17
Published