Vulnerability Description
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file.
CVSS Score
4.4 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Configserver | Configserver Security Firewall | <= 5.42 |
| Directadmin | Directadmin Server | All versions |
Related Weaknesses (CWE)
References
- http://forum.configserver.com/viewtopic.php?f=4&t=5008
- http://www.configserver.com/free/csf/changelog.txt
- http://www.exploit-db.com/exploits/18225 (Exploit)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71758
FAQ
What is CVE-2011-5033?
CVE-2011-5033 is a vulnerability with a CVSS score of 4.4 (MEDIUM). Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long str...
How severe is CVE-2011-5033?
CVE-2011-5033 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-5033?
Check the references section above for vendor advisories and patch information. Affected products include: Configserver Configserver Security Firewall, Directadmin Directadmin Server.