Описание
Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:netwin:dmail:2.5d:*:*:*:*:*:*:*
cpe:2.3:a:netwin:dmail:2.7:*:*:*:*:*:*:*
cpe:2.3:a:netwin:dmail:2.7q:*:*:*:*:*:*:*
cpe:2.3:a:netwin:dmail:2.7r:*:*:*:*:*:*:*
cpe:2.3:a:netwin:dmail:2.8e:*:*:*:*:*:*:*
cpe:2.3:a:netwin:dmail:2.8f:*:*:*:*:*:*:*
cpe:2.3:a:netwin:dmail:2.8g:*:*:*:*:*:*:*
cpe:2.3:a:netwin:dmail:2.8h:*:*:*:*:*:*:*
cpe:2.3:a:netwin:dmail:2.8i:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:1.0b:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.0a:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.0b:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01326
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.
EPSS
Процентиль: 79%
0.01326
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other