CVE-2007-2010 - OpenCVE

Double free vulnerability in bftpd before 1.8 allows remote authenticated users to cause a denial of service (daemon crash) via a (1) get or (2) mget command.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:S/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bftpd	Bftpd

Configuration 1 [-]

cpe:2.3:a:bftpd:bftpd:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://bftpd.sourceforge.net/
http://bftpd.sourceforge.net/downloads/CHANGELOG
http://osvdb.org/34889
http://secunia.com/advisories/24864
http://www.securityfocus.com/bid/23406
http://www.vupen.com/english/advisories/2007/1347
https://exchange.xforce.ibmcloud.com/vulnerabilities/33594

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-04-12T19:00:00

Updated: 2024-08-07T13:13:41.977Z

Reserved: 2007-04-12T00:00:00

Link: CVE-2007-2010

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-04-12T19:19:00.000

Modified: 2017-07-29T01:31:10.847

Link: CVE-2007-2010

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-04-10T00:00:00", "descriptions": [{"lang": "en", "value": "Double free vulnerability in bftpd before 1.8 allows remote authenticated users to cause a denial of service (daemon crash) via a (1) get or (2) mget command."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23406", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23406"}, {"name": "34889", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/34889"}, {"name": "24864", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24864"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bftpd.sourceforge.net/downloads/CHANGELOG"}, {"name": "ADV-2007-1347", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1347"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bftpd.sourceforge.net/"}, {"name": "bftpd-getmget-dos(33594)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33594"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2010", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Double free vulnerability in bftpd before 1.8 allows remote authenticated users to cause a denial of service (daemon crash) via a (1) get or (2) mget command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23406", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23406"}, {"name": "34889", "refsource": "OSVDB", "url": "http://osvdb.org/34889"}, {"name": "24864", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24864"}, {"name": "http://bftpd.sourceforge.net/downloads/CHANGELOG", "refsource": "CONFIRM", "url": "http://bftpd.sourceforge.net/downloads/CHANGELOG"}, {"name": "ADV-2007-1347", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1347"}, {"name": "http://bftpd.sourceforge.net/", "refsource": "CONFIRM", "url": "http://bftpd.sourceforge.net/"}, {"name": "bftpd-getmget-dos(33594)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33594"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:13:41.977Z"}, "title": "CVE Program Container", "references": [{"name": "23406", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23406"}, {"name": "34889", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/34889"}, {"name": "24864", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24864"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bftpd.sourceforge.net/downloads/CHANGELOG"}, {"name": "ADV-2007-1347", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1347"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bftpd.sourceforge.net/"}, {"name": "bftpd-getmget-dos(33594)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33594"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2010", "datePublished": "2007-04-12T19:00:00", "dateReserved": "2007-04-12T00:00:00", "dateUpdated": "2024-08-07T13:13:41.977Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}