CVE-2005-4568

Published Dec 29, 2005

Last updated 14 years ago

Overview

Description: Multiple format string vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allow remote attackers to execute arbitrary code via format string specifiers in the (1) USER, (2) PASS, and (3) TOP commands to the POP3 server; and the (4) LIST and (5) AUTHENTICATE commands to the IMAP server.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:floosietek:ftgate:4.4_build_4.4.000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "830822CA-16C7-4B47-B048-ECA3E90EFB31"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References