CVE-2011-5033
Published: 2011-12-29
Priority: P4 (19)
Severity: medium, 4.4 (CVSS 2.0)
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 0.74% (50.1th percentile)
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file.
Affected
36 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| configserver | configserver_security_firewall | <= 5.42 | — |
No detection rules found.
No writeups or analysis indexed.
http://forum.configserver.com/viewtopic.php?f=4&t=5008
http://www.configserver.com/free/csf/changelog.txt
http://www.exploit-db.com/exploits/18225
https://exchange.xforce.ibmcloud.com/vulnerabilities/71758