Vulnerability Description
Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Command line editor browser) 3.1.3 allows remote attackers to execute arbitrary code by operating an FTP server that sends directory listings with (1) long user names or (2) long group names.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Karl Dahlke | Edbrowse | 3.1.3 |
References
- http://marc.info/?l=full-disclosure&m=116760539609173&w=2
- http://sourceforge.net/tracker/index.php?func=detail&aid=1622117&group_id=141946
- http://www.securityfocus.com/bid/21832
- http://marc.info/?l=full-disclosure&m=116760539609173&w=2
- http://sourceforge.net/tracker/index.php?func=detail&aid=1622117&group_id=141946
- http://www.securityfocus.com/bid/21832
FAQ
What is CVE-2006-6909?
CVE-2006-6909 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Command line editor browser) 3.1.3 allows remote attackers to execute arbitrary code by operating an FTP server that sends directory ...
How severe is CVE-2006-6909?
CVE-2006-6909 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6909?
Check the references section above for vendor advisories and patch information. Affected products include: Karl Dahlke Edbrowse.