A look at CVE-2011–2523 and CVE-2007–2447

An easy win but with hidden dangers

In this blog post, we’ll go through the CVEs, write Python scripts to exploit them, and expose the dangers of these CVEs regarding OPSEC. You might ask: “Why am I covering these old CVEs?”. I’m covering them because we can always learn from past vulnerabilities while also learning new things.

CVE-2011–2523

This CVE is a backdoor in the vsftpd FTP server version 2.3.4. The master site hosting the downloadable client had a …

blog blog post cve cves encrypted exploit hidden learn old opsec python reverse shell scripting scripts vulnerabilities