Vulnerabilities > CVE-2004-1626 - Unspecified vulnerability in Code-Crafters Ability Server 2.2.5/2.3.2/2.3.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description Ability Server 2.34 FTP STOR Buffer Overflow. CVE-2004-1626. Remote exploit for windows platform id EDB-ID:588 last seen 2016-01-31 modified 2004-10-21 published 2004-10-21 reporter muts source https://www.exploit-db.com/download/588/ title Ability Server 2.34 - FTP STOR Buffer Overflow description Ability Server 2.34 FTP STOR Buffer Overflow Exploit (Unix Exploit). CVE-2004-1626. Remote exploit for windows platform id EDB-ID:618 last seen 2016-01-31 modified 2004-11-07 published 2004-11-07 reporter NoPh0BiA source https://www.exploit-db.com/download/618/ title Ability Server 2.34 - FTP STOR Buffer Overflow Exploit Unix Exploit
Metasploit
description | This module exploits a stack-based buffer overflow in Ability Server 2.34. Ability Server fails to check input size when parsing 'STOR' and 'APPE' commands, which leads to a stack based buffer overflow. This plugin uses the 'STOR' command. The vulnerability has been confirmed on version 2.34 and has also been reported in version 2.25 and 2.32. Other versions may also be affected. |
id | MSF:EXPLOIT/WINDOWS/FTP/ABILITY_SERVER_STOR |
last seen | 2020-06-01 |
modified | 2017-07-24 |
published | 2011-12-07 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1626 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/ftp/ability_server_stor.rb |
title | Ability Server 2.34 STOR Command Stack Buffer Overflow |
Nessus
NASL family | FTP |
NASL id | ABILITY_FTP_OVERFLOW.NASL |
description | The remote host is running Ability FTP Server. It is reported that the remote version of this software is prone to a remote buffer overflow attack via the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15628 |
published | 2004-11-04 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15628 |
title | Ability FTP Server Multiple Command Remote Buffer Overflows |
code |
|
References
- http://marc.info/?l=bugtraq&m=109850947508816&w=2
- http://marc.info/?l=bugtraq&m=109850947508816&w=2
- http://secunia.com/advisories/12941
- http://secunia.com/advisories/12941
- http://www.kb.cert.org/vuls/id/857846
- http://www.kb.cert.org/vuls/id/857846
- http://www.osvdb.org/11030
- http://www.osvdb.org/11030
- http://www.securityfocus.com/bid/11508
- http://www.securityfocus.com/bid/11508
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17823
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17823