pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.
History

Mon, 28 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Pureftpd
Pureftpd pure-ftpd
Weaknesses CWE-125
CPEs cpe:2.3:a:pureftpd:pure-ftpd:*:*:*:*:*:*:*:*
Vendors & Products Pureftpd
Pureftpd pure-ftpd
Metrics cvssV3_1

{'score': 8.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 24 Oct 2024 20:30:00 +0000

Type Values Removed Values Added
Description pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-10-24T00:00:00

Updated: 2024-10-28T18:27:39.239Z

Reserved: 2024-10-08T00:00:00

Link: CVE-2024-48208

cve-icon Vulnrichment

Updated: 2024-10-28T18:27:32.162Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-24T21:15:14.040

Modified: 2024-10-28T19:35:28.037

Link: CVE-2024-48208

cve-icon Redhat

No data.