CVE-2008-4588

Etype Eserv - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by LiquidWorm · perldoswindows

https://www.exploit-db.com/exploits/6752

View Code ZIP pw:eip

References (5)

[Exploit] http://www.securityfocus.com/bid/31753

[Exploit] http://www.zeroscience.org/codes/eserv_bof.txt

[Third Party Advisory] http://securityreason.com/securityalert/4415

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6752

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/45864

Scores

EPSS 0.2849

EPSS Percentile 96.5%

Details

CWE

CWE-119

Status published

Products (3)

etype/eserv 3.0

etype/eserv 3.25

etype/eserv 3.26

Published Oct 15, 2008

Tracked Since Feb 18, 2026