[VIM] CVE-2006-1693 Deja Vu

security curmudgeon jericho at attrition.org
Fri Dec 1 20:54:04 EST 2006


http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-1693

Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 
Build 01.10.2006 allows attackers to cause a denial of service 
(application crash) via a "custom command" with a long argument.


Which comes from:
http://www.globalscape.com/gsftps/history.asp

Changes in 3.1.4 Build 01.10.2006
- Corrected issue where execution of a custom command with a lengthy 
parameter line passed to it causes server to crash.

--

Checking the same changelog, the same vuln again:

Changes in 3.1.5 Build 04.12.2006.2
- Corrected issue where execution of a custom command with a lengthy 
parameter line passed to it causes server to crash.


More information about the VIM mailing list