Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4228

CWE-119Buffer Overflow4 documents4 sources
Severity
9.0CRITICAL
EPSS
28.5%
top 3.47%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Netware
Timeline
PublishedMar 22
Latest updateMay 17

Description

Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDnovell/netware5.1, 6.0, 6.5+2

🔴Vulnerability Details

2
GHSA
GHSA-f5rg-3x57-9mv4: Stack-based buffer overflow in NWFTPD2022-05-17
CVEList
CVE-2010-4228: Stack-based buffer overflow in NWFTPD2011-03-22

💥Exploits & PoCs

1
Exploit-DB
Novell Netware - NWFTPD.NLM DELE Remote Code Execution2011-03-21
CVE-2010-4228 (CRITICAL CVSS 9) | Stack-based buffer overflow in NWFT | cvebase.io