CVE-2007-6741 in pyftpdlibinformazioni

Riassunto

di MITRE

The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from the FTP client, which might allow remote authenticated users to conduct FTP bounce attacks via crafted FTP data, as demonstrated by an FTP bounce attack against a NAT server, a related issue to CVE-1999-0017.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

19/10/2010

Divulgazione

19/10/2010

Moderazione

accettato

Voce

VDB-55118

CPE

pronto

CWE

CWE-264 (confermato)

CVSS

6.3 (VulDB)

EPSS

0.01769

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-6741
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-6741
CVE Details	https://www.cvedetails.com/cve/CVE-2007-6741/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!