Lucene search
HistoryMar 15, 2004 - 5:00 a.m.
CVE-2004-0159
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.071 Low
EPSS
Percentile
94.0%
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an “ls” command.
Affected configurations
Node
samhain_labshsftpMatch1.4
ORsamhain_labshsftpMatch1.5
ORsamhain_labshsftpMatch1.6
ORsamhain_labshsftpMatch1.7
ORsamhain_labshsftpMatch1.9
ORsamhain_labshsftpMatch1.10
ORsamhain_labshsftpMatch1.11
Related
nessus
nessus
Debian DSA-447-1 : hsftp - format string
2004-09-29 00:00:00
openvas
openvas
FreeBSD Ports: hsftp
2008-09-04 00:00:00
Debian: Security Advisory (DSA-447)
2008-01-17 00:00:00
Debian Security Advisory DSA 447-1 (hsftp)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2004-0159
2004-09-01 04:00:00
cve
cve
CVE-2004-0159
2004-09-01 04:00:00
osv
osv
hsftp - format string
2004-02-22 00:00:00
debian
debian
[SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability
2004-02-23 03:25:40
securityvulns
securityvulns
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.071 Low
EPSS
Percentile
94.0%
Related for NVD:CVE-2004-0159