Lucene search
HistoryMar 15, 2004 - 5:00 a.m.
CVE-2004-0159
security
vulnerability
hsftp
remote
denial of service
execute
arbitrary code
format string
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.071 Low
EPSS
Percentile
94.0%
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an “ls” command.
Related
openvas
openvas
FreeBSD Ports: hsftp
2008-09-04 00:00:00
Debian Security Advisory DSA 447-1 (hsftp)
2008-01-17 00:00:00
FreeBSD Ports: hsftp
2008-09-04 00:00:00
cvelist
cvelist
CVE-2004-0159
2004-09-01 04:00:00
nessus
nessus
Debian DSA-447-1 : hsftp - format string
2004-09-29 00:00:00
securityvulns
securityvulns
debian
debian
[SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability
2004-02-22 00:00:00
osv
osv
hsftp - format string
2004-02-22 00:00:00
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.071 Low
EPSS
Percentile
94.0%
Related for CVE-2004-0159