Описание
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-0962
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56701
- http://seclists.org/fulldisclosure/2010/Mar/106
- http://www.securityfocus.com/archive/1/509867/100/0/threaded
- http://www.securityfocus.com/archive/1/509974/100/0/threaded
- http://www.securityfocus.com/bid/38543
EPSS
CVE ID
Связанные уязвимости
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.
EPSS