fkie_cve-2010-0625
Vulnerability from fkie_nvd
Published
2010-04-05 16:30
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.01i:*:*:*:*:*:*:*",
"matchCriteriaId": "2093B36D-EBE4-4B12-A44B-F06929B828BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.01o:*:*:*:*:*:*:*",
"matchCriteriaId": "9D22986D-C520-4533-B257-7597AD7323C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.01w:*:*:*:*:*:*:*",
"matchCriteriaId": "6245EE38-90AA-4A4E-AE6A-A468FA902075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.01y:*:*:*:*:*:*:*",
"matchCriteriaId": "23197629-F3ED-463A-9718-4A96B0059CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.02b:*:*:*:*:*:*:*",
"matchCriteriaId": "2E09E25F-F984-423B-B03A-2964DF173125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.02i:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BCF530-0758-453E-ACFC-5129747A6660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.02r:*:*:*:*:*:*:*",
"matchCriteriaId": "51D76099-7058-4BC7-9229-F943D03ECD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.02y:*:*:*:*:*:*:*",
"matchCriteriaId": "E4304B8D-E271-41C6-9D84-E71AA3D683E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.03b:*:*:*:*:*:*:*",
"matchCriteriaId": "0CA8CA21-1E2A-44CA-A21B-A74EA6BA81FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.03l:*:*:*:*:*:*:*",
"matchCriteriaId": "8519850A-56CB-4C6A-9E87-09F71281E20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.04.5:*:*:*:*:*:*:*",
"matchCriteriaId": "069FC929-2FEF-44BA-AAEC-A795AF724B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.04.8:*:*:*:*:*:*:*",
"matchCriteriaId": "24F12F0B-0439-4301-8767-A6F36097649A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.04.20:*:*:*:*:*:*:*",
"matchCriteriaId": "B8131B93-3147-4988-9193-19629C933D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.04.25:*:*:*:*:*:*:*",
"matchCriteriaId": "58B67AD9-BE51-4B7C-AE9E-1D15AB70BA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "1F6C2582-0C8E-4743-82B1-51AF53AE3879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.05.04:*:*:*:*:*:*:*",
"matchCriteriaId": "B387DDA6-FF1B-48D6-85AF-EB1221CF47DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.06.04:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9A6A85-0ECA-484D-899B-F9417B09D74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.06.05:*:*:*:*:*:*:*",
"matchCriteriaId": "D7211C6A-B9A5-450C-81ED-5A22785617E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EACC687E-DB67-4836-88F8-D2A371EEDB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:5.07.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E47D3FD1-1972-4E82-92AC-51CA2EED8B3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:novell:netware:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "455ED4E4-8033-4043-BF10-20188BF0B8B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:5.1:sp2a:*:*:*:*:*:*",
"matchCriteriaId": "081C8B07-AB0F-43B4-8677-ABFBD315BB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:5.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A06A23FD-5CEB-4737-9478-6C50E635E71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:5.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "E71EBA85-5816-4A69-A5DE-EEBD25265CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:5.1:sp6:*:*:*:*:*:*",
"matchCriteriaId": "D2DA7621-8953-4B7D-8AAC-33C2E3C51719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9F2EF1-D7CB-4D76-BAC0-EA28E5F9D82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "B04B18E8-A130-4BAA-8BBC-D9DF7085F9F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B9700BC2-BE56-448F-BAE6-AD01F71DC646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "FE91855A-062B-47D7-BC38-5980E3F6F2FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D328A81E-DC60-4B67-B707-F0AD9A6F48E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "1CEB9CEA-9245-490F-88F6-EFD23B11A19B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*",
"matchCriteriaId": "0669D0E2-AB83-44AE-A87C-C7EB7AA2953A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp1.1b:*:*:*:*:*:*",
"matchCriteriaId": "062E2A9A-CF88-4844-B5A1-7418722087D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0F8E031C-CE1F-410F-8F32-B3E33719C498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "87F80FDC-7851-4EA8-BC7D-87B85C6BB93C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp4:*:*:*:*:*:*",
"matchCriteriaId": "8C3AB68F-1D78-4217-9C56-B1B25F62FF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp5:*:*:*:*:*:*",
"matchCriteriaId": "0F7A41C8-4332-4F8C-A297-6850C05B3EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp6:*:*:*:*:*:*",
"matchCriteriaId": "5DC7371E-6D35-4C9A-B688-E14391D9B953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp7:*:*:*:*:*:*",
"matchCriteriaId": "CF0FC43C-4041-49B4-87AD-63D7BE17136D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp8:*:*:*:*:*:*",
"matchCriteriaId": "D758AB52-B592-4E83-89F8-A05ED75F2367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command."
},
{
"lang": "es",
"value": "El desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en NWFTPD.nlm anterior a versi\u00f3n 5.10.01 en el servidor FTP en Novell NetWare versiones 5.1 hasta 6.5 SP8, permite a los usuarios autenticados remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) o posiblemente ejecutar c\u00f3digo arbitrario por medio de un comando largo (1) MKD, (2) RMD, (3) RNFR o (4) DELE."
}
],
"id": "CVE-2010-0625",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-05T16:30:00.577",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39151"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1023768"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"source": "cve@mitre.org",
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/510353/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/510557/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/39041"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0742"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-062"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=569496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/510353/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/510557/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=569496"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…