CVE-2006-6751
Severity CVSS v4.0:
Pending analysis
Type:
CWE-134
Format String Vulnerability
Publication date:
27/12/2006
Last modified:
29/07/2017
Description
Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the USER command or certain other available or nonexistent commands. NOTE: It was later reported that 5.3.0 is also vulnerable.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:dxmsoft:xm_easy_personal_ftp_server:5.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:dxmsoft:xm_easy_personal_ftp_server:5.3:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://downloads.securityfocus.com/vulnerabilities/exploits/18632.txt
- http://downloads.securityfocus.com/vulnerabilities/exploits/22747.pl
- http://www.securityfocus.com/bid/18632
- http://www.securityfocus.com/bid/22747
- http://www.vupen.com/english/advisories/2007/0786
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31140