Vulnerabilities > CVE-2001-0936 - Buffer Overflow vulnerability in Frox FTP Cache Retrieval

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

frox

NVD

Published: 2001-11-30

Updated: 2017-10-10

Summary

Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request.

Vulnerable Configurations

Part	Description	Count
Application	Frox Frox Frox 0.6.0 Frox Frox 0.6.1 Frox Frox 0.6.2 Frox Frox 0.6.3 Frox Frox 0.6.4 Frox Frox 0.6.5 Frox Frox 0.6.6	7

References

http://frox.sourceforge.net/security.txt
http://marc.info/?l=bugtraq&m=100713367307799&w=2
http://www.securityfocus.com/bid/3606
https://exchange.xforce.ibmcloud.com/vulnerabilities/7632