漏洞描述
Pure-FTPd versions prior to 1.0.52 contain a buffer overflow vulnerability due to an out-of-bounds read in the domlsd() function within the ls.c file. This vulnerability could allow attackers to execute arbitrary code on affected systems.
CVE-2024-48208: Pure-FTPd < 1.0.52 - Buffer Overflow
PoC代码[已公开]
id: CVE-2024-48208
info:
name: Pure-FTPd < 1.0.52 - Buffer Overflow
author: pussycat0x
severity: high
description: |
Pure-FTPd versions prior to 1.0.52 contain a buffer overflow vulnerability due to an out-of-bounds read in the domlsd() function within the ls.c file. This vulnerability could allow attackers to execute arbitrary code on affected systems.
reference:
- https://github.com/jedisct1/pure-ftpd/pull/176
- https://github.com/rohilchaudhry/CVE-2024-48208
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
cvss-score: 8.6
cve-id: CVE-2024-48208
cwe-id: CWE-125
epss-score: 0.14481
epss-percentile: 0.9414
metadata:
verified: true
max-request: 1
shodan-query: product:"Pure-FTPd"
tags: cve,cve2024,network,ftp,pure-ftpd,tcp,passive,vuln
tcp:
- inputs:
- data: 00000000
type: hex
host:
- "{{Hostname}}"
port: 21
read-size: 1024
matchers:
- type: dsl
dsl:
- "contains(raw, 'Pure-FTPd')"
- "compare_versions(version, '< 1.0.52')"
condition: and
extractors:
- type: regex
name: version
group: 1
regex:
- "Pure-FTPd ([0-9.]+)"
# digest: 4b0a004830460221008c73244810f58b5ac16688c3b300facb1c8b0b503ebe0aa75fe8dc6e26e197fc022100826e953dd2baa656968afd2d2fcfba82cdfd0a8167247293a5468410af333e7d:922c64590222798bb761d5b6d8e72950