Vulnerabilities > CVE-2005-1371 - Local Privilege Escalation vulnerability in Bulletproof FTP Server 2.4.0.31

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
bulletproof
exploit available

Summary

BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges.

Vulnerable Configurations

Part Description Count
Application
Bulletproof
1

Exploit-Db

descriptionBulletProof FTP Server 2.4.0.31 Local Privilege Escalation Exploit. CVE-2005-1371. Local exploit for windows platform
idEDB-ID:971
last seen2016-01-31
modified2005-04-29
published2005-04-29
reporterJerome Athias
sourcehttps://www.exploit-db.com/download/971/
titleBulletProof FTP Server 2.4.0.31 - Local Privilege Escalation Exploit