INFORMATION

Name : CVE-2008-4247 First Publication : 2008-09-25
Severity : High Last Modification : 2008-10-01

SCORING CVSS v2

Cvss Base Score : 7.5 Attack Range : Network
Cvss Impact Score : 6.4 Attack Complexity : Low
Cvss Expoit Score : 10 Authentification : None Required

DETAIL

ftpd in OpenBSD 4.3, FreeBSD 7.0, and NetBSD 4.0 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.


MORE INFORMATIONS

If you login, you will see more informations about this alert including :

9 Secondary sources

Your browser must accept cookie for login.

Login : Password: Captcha :
Remember me ?
if you can not read it, please refresh the page

If you don't have a login, register for FREE.