Remote Code Execution Vulnerability in ProZilla 1.3.7.4 and Earlier Versions

Remote Code Execution Vulnerability in ProZilla 1.3.7.4 and Earlier Versions

CVE-2005-2961 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.

Learn more about our Cis Benchmark Audit For Server Software.