CVE-2007-5184

Smbftpd - Format String Vulnerability

Title source: rule

Description

Format string vulnerability in the SMBDirList function in dirlist.c in SmbFTPD 0.96 allows remote attackers to execute arbitrary code via format string specifiers in a directory name.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jerry Illikainen · cremotelinux

https://www.exploit-db.com/exploits/4478

View Code ZIP pw:eip

References (9)

[Various Sources] http://debork.se/poc/001_smbftpd.c

[Third Party Advisory, VDB Entry] http://osvdb.org/41385

[Vendor Advisory] http://secunia.com/advisories/27014

[Patch] http://sourceforge.net/project/shownotes.php?release_id=543077

[Exploit, Patch] http://www.securityfocus.com/bid/25871

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36893

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/481220/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4478

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/3311

Scores

EPSS 0.2935

EPSS Percentile 96.6%

Details

CWE

CWE-134

Status published

Products (1)

smbftpd/smbftpd 0.96

Published Oct 03, 2007

Tracked Since Feb 18, 2026