Gabriels FTP Server 1.2 USERNAME denegación de servicio

ArtículoHistoryjsonxmlCTI

Una vulnerabilidad fue encontrada en Gabriels FTP Server 1.2 y clasificada como problemática. Una función desconocida es afectada por esta vulnerabilidad. Por la manipulación del parámetro USERNAME de un input desconocido se causa una vulnerabilidad de clase denegación de servicio. El advisory puede ser descargado de packetstormsecurity.com. La vulnerabilidad es identificada como CVE-2024-1017. El ataque se puede efectuar a través de la red. Los detalles técnicos son conocidos. Fue declarado como proof-of-concept. El exploit puede ser descargado de packetstormsecurity.com. El mejor modo sugerido para mitigar el problema es aplicar el parche al componente. Una solución posible ha sido publicada incluso antes y no después de la publicación de la vulnerabilidad.

Campo	2024-01-29 11:20	2024-02-21 12:40	2024-02-21 12:48
price_0day	$0-$5k	$0-$5k	$0-$5k
vendor	Gabriels	Gabriels	Gabriels
name	FTP Server	FTP Server	FTP Server
version	1.2	1.2	1.2
argument	USERNAME	USERNAME	USERNAME
cwe	404 (denegación de servicio)	404 (denegación de servicio)	404 (denegación de servicio)
risk	1	1	1
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
identifier	176714	176714	176714
url	https://packetstormsecurity.com/files/176714/Gabriels-FTP-Server-1.2-Denial-Of-Service.html	https://packetstormsecurity.com/files/176714/Gabriels-FTP-Server-1.2-Denial-Of-Service.html	https://packetstormsecurity.com/files/176714/Gabriels-FTP-Server-1.2-Denial-Of-Service.html
availability	1	1	1
publicity	1	1	1
url	https://packetstormsecurity.com/files/176714/Gabriels-FTP-Server-1.2-Denial-Of-Service.html	https://packetstormsecurity.com/files/176714/Gabriels-FTP-Server-1.2-Denial-Of-Service.html	https://packetstormsecurity.com/files/176714/Gabriels-FTP-Server-1.2-Denial-Of-Service.html
name	Parche	Parche	Parche
cve	CVE-2024-1017	CVE-2024-1017	CVE-2024-1017
responsible	VulDB	VulDB	VulDB
date	1706482800 (2024-01-29)	1706482800 (2024-01-29)	1706482800 (2024-01-29)
type	File Transfer Software	File Transfer Software	File Transfer Software
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_basescore	5.0	5.0	5.0
cvss2_vuldb_tempscore	3.9	3.9	3.9
cvss3_vuldb_basescore	5.3	5.3	5.3
cvss3_vuldb_tempscore	4.8	4.8	4.8
cvss3_meta_basescore	5.3	5.3	6.0
cvss3_meta_tempscore	4.8	4.8	5.9
videolink	https://www.youtube.com/watch?v=wwHuXfYS8yQ	https://www.youtube.com/watch?v=wwHuXfYS8yQ	https://www.youtube.com/watch?v=wwHuXfYS8yQ
cve_assigned		1706482800 (2024-01-29)	1706482800 (2024-01-29)
cve_nvd_summary		A vulnerability was found in Gabriels FTP Server 1.2. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument USERNAME leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-252287.	A vulnerability was found in Gabriels FTP Server 1.2. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument USERNAME leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-252287.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			N
cvss3_nvd_i			N
cvss3_nvd_a			H
cvss2_nvd_av			N
cvss2_nvd_ac			L
cvss2_nvd_au			N
cvss2_nvd_ci			N
cvss2_nvd_ii			N
cvss2_nvd_ai			P
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			N
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			N
cvss3_cna_i			N
cvss3_cna_a			L
cve_cna			VulDB
cvss2_nvd_basescore			5.0
cvss3_nvd_basescore			7.5
cvss3_cna_basescore			5.3

◂ Anterior Visión De Conjunto Próximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!