CVE-2005-3524

Linux-ftpd-ssl - Buffer Overflow

Title source: rule

Description

Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, then executing the XPWD command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by kingcope · cremotelinux

https://www.exploit-db.com/exploits/1295

View Code ZIP pw:eip

References (9)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/23016

[Third Party Advisory] http://secunia.com/advisories/17529

[Exploit] http://seclists.org/lists/fulldisclosure/2005/Nov/0140.html

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20530

[Third Party Advisory] http://secunia.com/advisories/17465

[Third Party Advisory] http://secunia.com/advisories/17586

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/2330

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15343

[Third Party Advisory] http://www.debian.org/security/2005/dsa-896

Scores

EPSS 0.2548

EPSS Percentile 96.2%

Details

Status published

Products (1)

linux-ftpd-ssl/linux-ftpd-ssl 0.17

Published Nov 07, 2005

Tracked Since Feb 18, 2026