Vulnerabilities > CVE-2006-5792 - Remote Security vulnerability in Omni-Nfs X Enterprise
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by vd_xlink2.pm, an "Omni-NFS Enterprise remote exploit." NOTE: this is probably a different vulnerability than CVE-2006-5780. As of 20061107, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Xlink FTP Server Buffer Overflow. CVE-2006-5792. Remote exploit for windows platform id EDB-ID:16718 last seen 2016-02-02 modified 2010-11-11 published 2010-11-11 reporter metasploit source https://www.exploit-db.com/download/16718/ title Xlink FTP Server Buffer Overflow description Xlink FTP Client Buffer Overflow. CVE-2006-5792. Remote exploit for windows platform id EDB-ID:16722 last seen 2016-02-02 modified 2010-11-11 published 2010-11-11 reporter metasploit source https://www.exploit-db.com/download/16722/ title Xlink FTP Client Buffer Overflow
Metasploit
description This module exploits a stack buffer overflow in Xlink FTP Server that comes bundled with Omni-NFS Enterprise 5.2. When a overly long FTP request is sent to the server, arbitrary code may be executed. id MSF:EXPLOIT/WINDOWS/FTP/XLINK_SERVER last seen 2020-06-10 modified 2017-07-24 published 2009-10-03 references reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/ftp/xlink_server.rb title Xlink FTP Server Buffer Overflow description This module exploits a stack buffer overflow in Xlink FTP Client 32 Version 3.01 that comes bundled with Omni-NFS Enterprise 5.2. When an overly long FTP server response is received by a client, arbitrary code may be executed. id MSF:EXPLOIT/WINDOWS/FTP/XLINK_CLIENT last seen 2020-06-10 modified 2017-09-14 published 2009-10-03 references reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/ftp/xlink_client.rb title Xlink FTP Client Buffer Overflow
Packetstorm
data source https://packetstormsecurity.com/files/download/83066/xlink_client.rb.txt id PACKETSTORM:83066 last seen 2016-12-05 published 2009-11-26 reporter MC source https://packetstormsecurity.com/files/83066/Xlink-FTP-Client-Buffer-Overflow.html title Xlink FTP Client Buffer Overflow data source https://packetstormsecurity.com/files/download/83232/xlink_server.rb.txt id PACKETSTORM:83232 last seen 2016-12-05 published 2009-11-26 reporter MC source https://packetstormsecurity.com/files/83232/Xlink-FTP-Server-Buffer-Overflow.html title Xlink FTP Server Buffer Overflow