[email protected]CVE-2004-0340

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0340

2004-11-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0340

buffer overflow

wftpd pro server

security vulnerability

arbitrary code execution

nvd

7.9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands.

CPENameOperatorVersion
texas_imperial_software:wftpdtexas imperial software wftpdeq3.21
texas_imperial_software:wftpdtexas imperial software wftpdeq3.20
texas_imperial_software:wftpdtexas imperial software wftpdeq3.0_0r5
texas_imperial_software:wftpdtexas imperial software wftpdeq3.10_r1
texas_imperial_software:wftpdtexas imperial software wftpdeqpro_3.21
texas_imperial_software:wftpdtexas imperial software wftpdeq3.0
texas_imperial_software:wftpdtexas imperial software wftpdeq3.0_0r3
texas_imperial_software:wftpdtexas imperial software wftpdeqpro_3.20
texas_imperial_software:wftpdtexas imperial software wftpdeq3.0_0r4
texas_imperial_software:wftpdtexas imperial software wftpdeqpro_3.10_r1

CPE	Name	Operator	Version
texas_imperial_software:wftpd	texas imperial software wftpd	eq	3.21
texas_imperial_software:wftpd	texas imperial software wftpd	eq	3.20
texas_imperial_software:wftpd	texas imperial software wftpd	eq	3.0_0r5
texas_imperial_software:wftpd	texas imperial software wftpd	eq	3.10_r1
texas_imperial_software:wftpd	texas imperial software wftpd	eq	pro_3.21
texas_imperial_software:wftpd	texas imperial software wftpd	eq	3.0
texas_imperial_software:wftpd	texas imperial software wftpd	eq	3.0_0r3
texas_imperial_software:wftpd	texas imperial software wftpd	eq	pro_3.20
texas_imperial_software:wftpd	texas imperial software wftpd	eq	3.0_0r4
texas_imperial_software:wftpd	texas imperial software wftpd	eq	pro_3.10_r1

References

marc.info/?l=bugtraq&m=107801208004699&w=2

secunia.com/advisories/11001

www.securityfocus.com/bid/9767

exchange.xforce.ibmcloud.com/vulnerabilities/15340

7.9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2004-0340

cvelist1 nessus1