CVE-2006-6909

{"id": "CVE-2006-6909", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-12-31T05:00:00.000", "references": [{"url": "http://marc.info/?l=full-disclosure&m=116760539609173&w=2", "source": "cve@mitre.org"}, {"url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1622117&group_id=141946&atid=751061", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/21832", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=full-disclosure&m=116760539609173&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1622117&group_id=141946&atid=751061", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/21832", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Command line editor browser) 3.1.3 allows remote attackers to execute arbitrary code by operating an FTP server that sends directory listings with (1) long user names or (2) long group names."}, {"lang": "es", "value": "Desbordamiento de b\u00fager en http.c en Karl Dahlke Edbrowse (tambi\u00e9n conocido como Command line editor browser) 3.1.3 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de operar con un servidor FTP que envia listados de directorio con (1) nombres de usuario o (2) nombres de grupos."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:karl_dahlke:edbrowse:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24F018AA-61C6-49D6-BBD8-AE05FFE7C390"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}