Vulnerability Description
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pablo Software Solutions | Quick N Easy Ftp Server | 3.0 |
References
- http://securityreason.com/securityalert/788
- http://www.osvdb.org/25235
- http://www.securityfocus.com/archive/1/431920/100/0/threaded
- http://www.securityfocus.com/bid/17681
- http://securityreason.com/securityalert/788
- http://www.osvdb.org/25235
- http://www.securityfocus.com/archive/1/431920/100/0/threaded
- http://www.securityfocus.com/bid/17681
FAQ
What is CVE-2006-2027?
CVE-2006-2027 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execut...
How severe is CVE-2006-2027?
CVE-2006-2027 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2027?
Check the references section above for vendor advisories and patch information. Affected products include: Pablo Software Solutions Quick N Easy Ftp Server.