CVE-2020-9365
published 2020-02-24

CVE-2020-9365: An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.

Priority: P353 (high)
CVSS 3.1: 7.5 (vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Tags: EXPLOIT
EPSS: 6.94% (percentile 93.3)

Affected

8 ranges

Vendor         | Product   | Version range                     | Fixed in
---------------|-----------|-----------------------------------|-------------------------------
debian         | pure-ftpd | < pure-ftpd 1.0.49-3 (bookworm)   | pure-ftpd 1.0.49-3 (bookworm)
fedoraproject  | fedora    |                                   |
fedoraproject  | fedora    |                                   |
fedoraproject  | fedora    |                                   |
pureftpd       | pure-ftpd |                                   |
pureftpd       | pure-ftpd | >= 0 < 1.0.49-3                   | 1.0.49-3
pureftpd       | pure-ftpd | >= 0 < 1.0.49-3                   | 1.0.49-3
pureftpd       | pure-ftpd | >= 0 < 1.0.49-3                   | 1.0.49-3

Detection & IOCs (extracted from sources)

url: https://github.com/jedisct1/pure-ftpd/commit/36c6d268cb190282a2c17106acfd31863121b58e
path: utils.c
other: Pure-FTPd 1.0.24
  • Detect vulnerable Pure-FTPd instances by banner-grabbing on TCP port 21 and matching the 'Pure-FTPd' string in the server response alongside version 1.0.24 (or 1.0.49 unpatched).
  • Use Shodan query 'product:"Pure-FTPd" version:"1.0.24"' to identify exposed vulnerable instances.
  • The vulnerability is an OOB read in the pure_strcmp function within utils.c; focus code review and static analysis on this function in Pure-FTPd 1.0.49 and earlier.
  • The Nuclei template targets Pure-FTPd 1.0.24 in its version matcher, but the CVE was officially reported against Pure-FTPd 1.0.49; detection logic should be validated against the correct affected version range.
  • The fix was applied in Debian package version 1.0.49-3; systems running unpatched 1.0.49 remain vulnerable.

CVSS provenance

Source         | Version | Score | Severity | Vector
---------------|---------|-------|----------|------------------------------------------------
nvd            | v3.1    | 7.5   | HIGH     | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd            | v2.0    | 5.0   | MEDIUM   | AV:N/AC:L/Au:N/C:P/I:N/A:N
osv            |         | 7.5   | HIGH     |
vendor_debian  |         | 7.5   | HIGH     |