Vulnerabilities > CVE-2006-2172 - Commands Remote Buffer Overflow vulnerability in Gene6 G6 FTP Server 3.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | FTP |
NASL id | GENE6_380.NASL |
description | The remote host appears to be using Gene6 FTP Server, a professional FTP server for Windows. According to its banner, the version of Gene6 FTP Server installed on the remote host contains buffer overflow vulnerabilities that can be exploited by an authenticated, possibly anonymous, user with specially crafted |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21324 |
published | 2006-05-04 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/21324 |
title | Gene6 FTP Server Multiple Command Remote Overflows |
code |
|
References
- http://secunia.com/advisories/19965
- http://www.infigo.hr/en/in_focus/tools
- http://www.osvdb.org/25238
- http://www.securityfocus.com/archive/1/432839/100/0/threaded
- http://www.securityfocus.com/bid/17810
- http://www.vupen.com/english/advisories/2006/1658
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26237