Skip to main content

Core Ftp CVE-2013-3930

CRITICAL
Buffer Overflow (CWE-119)
2014-04-04 PSIRT-CNA@flexerasoftware.com
9.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
AV:N/AC:M/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:C/I:C/A:C
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Apr 04, 2014 - 14:55 cve.org
CRITICAL 9.3

DescriptionCVE.org

Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply.

AnalysisAI

Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply. Affected products include: Coreftp Core Ftp. Version information: before 2.2.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2018-12113 CRITICAL POC
9.8 Jul 05

Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code e

CVE-2014-4643 MEDIUM POC
5.0 Jun 25

Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a den

CVE-2019-25686 HIGH POC
8.7 Apr 05

Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attack

CVE-2022-22899 MEDIUM POC
5.5 Feb 17

Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS)

CVE-2019-9649 MEDIUM POC
5.3 Mar 22

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Rated medium severity (CVSS 5.3), this v

CVE-2019-9648 MEDIUM POC
5.3 Mar 22

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Rated medium severity (CVSS 5.3), this v

CVE-2014-1441 MEDIUM POC
4.3 May 02

Core FTP Server 1.2 before build 515 allows remote attackers to cause a denial of service (reachable assertion and crash

CVE-2014-1443 MEDIUM POC
4.0 May 02

Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the

CVE-2014-1442 MEDIUM POC
4.0 May 02

Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine

Share

CVE-2013-3930 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy