Vulnerability Description
BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bulletproof | Bulletproof Ftp Server | 2.4.0.31 |
References
- http://marc.info/?l=bugtraq&m=111464474828477&w=2
- http://secunia.com/advisories/15152
- http://www.osvdb.org/15898
- http://www.securityfocus.com/bid/13410Exploit
- http://www.vupen.com/english/advisories/2005/0419
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20301
- http://marc.info/?l=bugtraq&m=111464474828477&w=2
- http://secunia.com/advisories/15152
- http://www.osvdb.org/15898
- http://www.securityfocus.com/bid/13410Exploit
- http://www.vupen.com/english/advisories/2005/0419
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20301
FAQ
What is CVE-2005-1371?
CVE-2005-1371 is a vulnerability with a CVSS score of 7.2 (HIGH). BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges.
How severe is CVE-2005-1371?
CVE-2005-1371 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1371?
Check the references section above for vendor advisories and patch information. Affected products include: Bulletproof Bulletproof Ftp Server.