FKIE_CVE-2011-5033

Vulnerability from fkie_nvd - Published: 2011-12-29 22:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file.
References
cve@mitre.orghttp://forum.configserver.com/viewtopic.php?f=4&t=5008
cve@mitre.orghttp://www.configserver.com/free/csf/changelog.txt
cve@mitre.orghttp://www.exploit-db.com/exploits/18225Exploit
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/71758
af854a3a-2127-422b-91ae-364da2661108http://forum.configserver.com/viewtopic.php?f=4&t=5008
af854a3a-2127-422b-91ae-364da2661108http://www.configserver.com/free/csf/changelog.txt
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/18225Exploit
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/71758
Impacted products
Vendor Product Version
configserver configserver_security_firewall *
configserver configserver_security_firewall 5.00
configserver configserver_security_firewall 5.01
configserver configserver_security_firewall 5.02
configserver configserver_security_firewall 5.03
configserver configserver_security_firewall 5.04
configserver configserver_security_firewall 5.05
configserver configserver_security_firewall 5.06
configserver configserver_security_firewall 5.07
configserver configserver_security_firewall 5.08
configserver configserver_security_firewall 5.09
configserver configserver_security_firewall 5.10
configserver configserver_security_firewall 5.11
configserver configserver_security_firewall 5.12
configserver configserver_security_firewall 5.13
configserver configserver_security_firewall 5.14
configserver configserver_security_firewall 5.15
configserver configserver_security_firewall 5.16
configserver configserver_security_firewall 5.17
configserver configserver_security_firewall 5.18
configserver configserver_security_firewall 5.19
configserver configserver_security_firewall 5.20
configserver configserver_security_firewall 5.21
configserver configserver_security_firewall 5.22
configserver configserver_security_firewall 5.30
configserver configserver_security_firewall 5.31
configserver configserver_security_firewall 5.32
configserver configserver_security_firewall 5.33
configserver configserver_security_firewall 5.34
configserver configserver_security_firewall 5.35
configserver configserver_security_firewall 5.36
configserver configserver_security_firewall 5.37
configserver configserver_security_firewall 5.38
configserver configserver_security_firewall 5.39
configserver configserver_security_firewall 5.40
configserver configserver_security_firewall 5.41
directadmin directadmin_server *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "345D8DF1-3331-4B3C-AF08-15F176EF12E1",
              "versionEndIncluding": "5.42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F6548E7-60BB-4B6C-A148-99609820FFE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E7C533-7C07-4736-9B51-D72199314B0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "3597BE5B-FFE2-46DF-8258-6891FDD8119D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "30D6C9F0-9912-40E7-84BF-0A727527C1DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4116C6D-E935-417D-87D3-9EA4DDC1CBE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BFF7826-63BC-4902-AD2A-558B2DCBC9C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "2833EB00-3FF0-46A7-BAE1-07EDA6C82E86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "709CF3A2-3960-48E0-A0CD-C297A5D0D29B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "97DBE6A1-919F-4BFB-A929-AAB905655835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169E350-60CB-4C3A-9A56-861FB1F1E432",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF1B878-E9D7-4B66-B3DB-B505E85BDA5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "67BB35E0-DB17-465C-9F25-F6DA797CCC25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "3098EE89-8785-4C62-8826-BBF5400B61F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AF08758-27D2-4747-ACE4-AAE0568D9EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "3900BBA9-4D11-40D8-ADC8-C817F146039A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "45144807-10D0-46D7-83D9-CAB23FB42DB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1B010AE-488B-4DC1-BD27-3ADCA76C5E90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "F633C7FE-AFC0-45FB-9703-A6810985EE49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC83E9C0-F810-4F80-B52F-1A04074B6433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C7CE943-0402-4ECB-B78D-C0A84D0CFDE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FD46DBC-31FC-4B94-B5B5-23FEA50D1F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3F025FB-DE3C-434C-B908-59BFBFE36310",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "9871F66A-C9D1-4334-9916-669828B9ABA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4FEE1A1-E831-4B72-8F6B-77C6ACA31C00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1833B3A-504D-4A0A-83B1-574CFA0D0C36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1FD8B89-9491-4077-97C7-043DA69E24D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "6182C6EA-6DD2-4375-8B65-60D7173D5FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F2F55B1-0044-4561-B24F-4284A5D43885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE4E212A-CF7C-43D2-B496-397ABACA4C14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "64AF59C1-F258-43E4-ABBB-94D7D4309005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6CB452-4622-4009-82AD-985912D3C402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "200CB4C4-E6A5-4586-A11E-3F5EEE8D31BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "583AE1E1-B840-4097-9596-4DD4B29088A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF1F4BAC-77B5-421E-BB41-02CC1E563BD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:configserver:configserver_security_firewall:5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "63CDC75D-8D1C-48DA-844F-0AC21D0A9109",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:directadmin:directadmin_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19E88547-1F86-47BD-9F37-70DCD2662E4C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in CFS.c in ConfigServer Security \u0026 Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en la pila \r\nen CFS.c en ConfigServer Seguridad y Firewall (CSF) anterior a v5,43, cuando se ejecuta en un servidor de DirectAdmin, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una larga cadena en un archivo admin.list."
    }
  ],
  "id": "CVE-2011-5033",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-12-29T22:55:02.030",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://forum.configserver.com/viewtopic.php?f=4\u0026t=5008"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.configserver.com/free/csf/changelog.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/18225"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://forum.configserver.com/viewtopic.php?f=4\u0026t=5008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.configserver.com/free/csf/changelog.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/18225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71758"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.