CVE-2006-1445 - Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote auth

CVE-2006-1445

Summary

Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling." This vulnerability is addressed in the following product release: Apple, Mac OS X, 10.4.6 (2006-003)

References

Vulnerable Configurations

cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*

CVSS

Base:	6.5 (as of 20-07-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:P/A:P

refmap via4

apple	APPLE-SA-2006-05-11
bid	17951
cert	TA06-132A
osvdb	25589
sectrack	1016084
secunia	20077
vupen	ADV-2006-1779
xf	macos-ftpserver-code-execution(26411)

Last major update

20-07-2017 - 01:30

Published

12-05-2006 - 21:02

Last modified

20-07-2017 - 01:30