Lucene search

[email protected]NVD:CVE-2004-0185

HistoryMar 15, 2004 - 5:00 a.m.

CVE-2004-0185

2004-03-1505:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.075

Percentile

94.1%

JSON

Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.

Affected configurations

Nvd

Node

washington_universitywu-ftpdMatch2.6.2

VendorProductVersionCPE
washington_universitywu-ftpd2.6.2cpe:2.3:a:washington_university:wu-ftpd:2.6.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
washington_university	wu-ftpd	2.6.2	cpe:2.3:a:washington_university:wu-ftpd:2.6.2:::::::*

References

ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch

unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt

www.debian.org/security/2004/dsa-457

www.redhat.com/support/errata/RHSA-2004-096.html

www.securiteam.com/unixfocus/6X00Q1P8KC.html

www.securityfocus.com/bid/8893

exchange.xforce.ibmcloud.com/vulnerabilities/13518

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.075

Percentile

94.1%

JSON

Related for NVD:CVE-2004-0185

cvelist1 cve2 openvas4 nessus3 ubuntucve1 osv1 securityvulns1 nvd1 redhat1 debian1