INFORMATION

Name : CVE-2008-4247 First Publication : 2008-09-25
Severity : High Last Modification : 2009-01-29

SCORING CVSS v2

Cvss Base Score : 7.5 Attack Range : Network
Cvss Impact Score : 6.4 Attack Complexity : Low
Cvss Expoit Score : 10 Authentification : None Required

Calculate full CVSS 2.0 Vectors scores

DETAIL

ftpd in OpenBSD 4.3, FreeBSD 7.0, and NetBSD 4.0 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.


MORE INFORMATIONS

If you login, you will see more informations about this alert including :

1 CWE ID(s)
3 CPE ID(s)
14 Secondary sources

Your browser must accept cookie for login.

Login : Password: Captcha :
Remember me ?
if you can not read it, please refresh the page

If you don't have a login, register for FREE.