CVE-2008-5106
published 2008-11-17

Priority:  P3 (48)
CVSS 2.0:  10.0 (critical), vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Tags:      EXPLOIT
EPSS:      12.59% (95.7th percentile)
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console. NOTE: this may overlap CVE-2006-0441 and CVE-2006-2212.

Affected (3 ranges)

Vendor      Product           Version range   Fixed in
karjasoft   sami_ftp_server
karjasoft   sami_ftp_server
karjasoft   sami_ftp_server

Detection & IOCs (extracted from sources)

command: LIST
path:    SamyFtp.binlog
  • Detect abnormally long FTP LIST command arguments sent to Sami FTP Server 2.0.x, indicative of a buffer overflow attempt.
  • Monitor for the presence and modification of the SamyFtp.binlog log file, as viewing it in the management console triggers the overflow.
  • The exploit requires the attacker's source IP address to be resolvable or known; monitor for FTP connections from unexpected or external IPs followed by LIST commands with oversized arguments.
  • Exploitation requires the victim to be actively viewing the 'Log' tab in the Sami FTP Server management console at the time of the attack; the overflow is triggered on log view, not purely on receipt of the malicious command.
  • This CVE may overlap with CVE-2006-0441 and CVE-2006-2212; deduplication of alerts across these CVEs is recommended.
  • Confirmed tested only on Sami FTP Server 2.0.1 on Windows XP SP3; behavior on other versions or OS configurations is unverified.
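The detection guidance above boils down to one check on the FTP control channel: an oversized command argument from a client. The script below is an added example written for this page, not code from the advisory or from KarjaSoft; it applies that check to constructed sample traffic. Two things are assumptions: the capture format (each line is `<src_ip>> <CMD> [arg]`, the sort of text a tcpflow or tshark export can be massaged into) and the 256-byte threshold, which is a tuning choice rather than a value the advisory gives. Because the description says the overflow is reachable via a long argument to an arbitrary command, the check is not limited to LIST; LIST is only called out in the alert note because it is the command the IOCs name.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Assumed threshold, not taken from the advisory: legitimate FTP arguments are
# short path names, so anything longer is treated as a possible overflow
# attempt. Tune it to the longest legitimate path on the monitored server.
MAX_ARG_LEN = 256

# FTP control-channel commands are 3-4 letters, optionally followed by one
# space and an argument (RFC 959).
FTP_CMD_RE = re.compile(r"^(?P<cmd>[A-Za-z]{3,4})(?: (?P<arg>.*))?$")


@dataclass
class Alert:
    src_ip: str
    command: str
    arg_len: int
    note: str


def parse_line(line: str) -> Optional[Tuple[str, str, str]]:
    """Split a captured line of the assumed form '<src_ip>> <CMD> [arg]' into
    (src_ip, CMD, arg). Returns None for anything that is not a client command
    (server replies, banners, blank lines)."""
    line = line.rstrip("\r\n")
    if "> " not in line:
        return None
    src_ip, rest = line.split("> ", 1)
    m = FTP_CMD_RE.match(rest)
    if m is None:
        return None
    return src_ip, m.group("cmd").upper(), m.group("arg") or ""


def detect(lines: Iterable[str], max_arg_len: int = MAX_ARG_LEN) -> List[Alert]:
    """Flag every client command whose argument exceeds max_arg_len.

    The advisory says the overflow is reachable through any command, so the
    check is not limited to LIST. The overflow only fires when an administrator
    opens the 'Log' tab, so each alert is marked as latent rather than as a
    confirmed crash."""
    alerts: List[Alert] = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        src_ip, cmd, arg = parsed
        if len(arg) <= max_arg_len:
            continue
        note = ("oversized argument written to SamyFtp.binlog; overflow is "
                "latent until the management console 'Log' tab is viewed")
        if cmd == "LIST":
            note = "LIST (the command named in the IOCs): " + note
        alerts.append(Alert(src_ip, cmd, len(arg), note))
    return alerts


# Constructed sample session, not real traffic: one benign client and one
# client sending oversized arguments with two different commands.
SAMPLE_SESSION = [
    "192.0.2.10> USER anonymous\r\n",
    "192.0.2.10> PASS guest@example.org\r\n",
    "192.0.2.10> CWD /pub\r\n",
    "192.0.2.10> LIST\r\n",
    "203.0.113.7> USER anonymous\r\n",
    "203.0.113.7> PASS x\r\n",
    "203.0.113.7> LIST " + "A" * 2000 + "\r\n",
    "203.0.113.7> CWD " + "B" * 600 + "\r\n",
    "220 Sami FTP Server ready\r\n",  # server banner: no '> ' prefix, ignored
]


if __name__ == "__main__":
    for a in detect(SAMPLE_SESSION):
        print(f"{a.src_ip} {a.command} arg_len={a.arg_len}: {a.note}")
```

Running the script against the constructed session yields two alerts for 203.0.113.7 (LIST with a 2000-byte argument, CWD with a 600-byte one) and nothing for the benign client. In a real deployment the alert should be paired with a check on whether SamyFtp.binlog was subsequently opened, since that is the moment the crash or code execution actually happens.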