CVE-2016-5764
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
27/10/2016
Last modified:
12/04/2025
Description
Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to corrupt the stack and allow arbitrary code execution. Fixed in: Rumba FTP 4.5 (HF 14668). This can only occur if a client connects to a malicious server.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
6.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microfocus:rumba_ftp:4.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:rumba_ftp:4.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:rumba_ftp:4.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:rumba_ftp:4.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:rumba_ftp:4.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:rumba_ftp:4.5:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28731.rumba-ftp-4-x-security-update.aspx
- http://www.securityfocus.com/bid/93974
- https://www.exploit-db.com/exploits/40651/
- http://community.microfocus.com/microfocus/mainframe_solutions/rumba/w/knowledge_base/28731.rumba-ftp-4-x-security-update.aspx
- http://www.securityfocus.com/bid/93974
- https://www.exploit-db.com/exploits/40651/