Strix
26.1K

CVE-2006-2027

UnknownEPSS 3.86%

Last modified

CVE-2006-2027 is a vulnerability of currently unknown severity. Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.. EPSS estimates a 3.86% chance of exploitation in the next 30 days.

Description

Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.

Metrics

EPSS Probability
3.86%

88.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
Pablo Software SolutionsQuick N Easy Ftp Server3.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-2027?
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.
How severe is CVE-2006-2027?
Severity scoring for CVE-2006-2027 is pending analysis. The EPSS model estimates a 3.86% probability of exploitation in the next 30 days.
How do I fix CVE-2006-2027?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-2027?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST