ID:9505 - Exploit for OS Command Injection in vsftpd and Debian Linux - CVE-2011-2523

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:9505 - Exploit for OS Command Injection in vsftpd and Debian Linux - CVE-2011-2523

ID:9505 - Exploit for OS Command Injection in vsftpd and Debian Linux - CVE-2011-2523

Published: January 15, 2024


Vulnerability identifier: #VU35024
Vulnerability risk: High
CVE-ID: CVE-2011-2523
CWE-ID: CWE-78
Exploitation vector: Remote access
Vulnerable software:
vsftpd
Debian Linux

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.


Remediation

Install update from vendor's website.