CVE-2006-4318
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 62%
from disclosure to weapon1398 days
Published on NVDAug 24
1st PoC+1398d
metasploitAug 23
exploitation probability
62%top 1% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
Buffer overflow in WFTPD Server 3.23 allows remote attackers to execute arbitrary code via long SIZE commands.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.org/0608-exploits/wftpd_exp.cunverifiedcve_referencewww.exploit-db.com/exploits/2233unverifiedexploitdbwww.exploit-db.com/exploits/16741unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.org/0608-exploits/wftpd_exp.chttp://secunia.com/advisories/21547http://securitytracker.com/id?1016723https://exchange.xforce.ibmcloud.com/vulnerabilities/28523https://www.exploit-db.com/exploits/2233http://www.osvdb.org/28134http://www.securityfocus.com/bid/19617http://www.vupen.com/english/advisories/2006/3357