Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
vxworks ftpd buffer overflow
Information
Severity
Severity
High
Family
Family
FTP
CVSSv2 Base
CVSSv2 Base
7.5
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Solution Type
Solution Type
Vendor Patch
Created
Created
18 years ago
Modified
Modified
5 years ago
Summary
It might be possible to make the remote FTP server crash by issuing this command : CEL aaaa(...)aaaa This problem is similar to the 'aix ftpd' overflow but on embedded vxworks based systems like the 3com nbx IP phone call manager and seems to cause the server to crash.
Affected Software
Affected Software
This affects VxWorks ftpd versions 5.4 and 5.4.2.
Solution
Solution
If you are using an embedded vxworks product, please contact the OEM vendor and reference WindRiver field patch TSR 296292. If this is the 3com NBX IP Phone call manager, contact 3com.