Description
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console. NOTE: this may overlap CVE-2006-0441 and CVE-2006-2212.
Exploits (1)
metasploit
WORKING POC
LOW
by superkojiman · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/sami_ftpd_list.rb
Scores
EPSS
0.6207
EPSS Percentile
98.4%
Details
CWE
CWE-119
Status
published
Products (3)
karjasoft/sami_ftp_server
2.0.0
karjasoft/sami_ftp_server
2.0.1
karjasoft/sami_ftp_server
2.0.2
Published
Nov 17, 2008
Tracked Since
Feb 18, 2026