Unrated severityNVD Advisory· Published Sep 15, 2012· Updated Apr 29, 2026

CVE-2011-5166

Description

Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.

Affected products

Elif Keir/Knftp
cpe:2.3:a:elif_keir:knftp:1.0.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2011-09/0015.htmlnvdExploit
www.exploit-db.com/exploits/17819nvdExploit
www.exploit-db.com/exploits/17856nvdExploit
www.exploit-db.com/exploits/17870nvdExploit
www.exploit-db.com/exploits/18089nvdExploit
secunia.com/advisories/45907nvdVendor Advisory
www.osvdb.org/75147nvd
exchange.xforce.ibmcloud.com/vulnerabilities/69557nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.033
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000