Lucene search
HistoryNov 23, 2004 - 5:00 a.m.
CVE-2004-0255
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7
Confidence
High
EPSS
0.039
Percentile
92.1%
Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.
Affected configurations
Node
xlight_ftp_serverxlight_ftp_serverMatch1.25
ORxlight_ftp_serverxlight_ftp_serverMatch1.41
ORxlight_ftp_serverxlight_ftp_serverMatch1.45
ORxlight_ftp_serverxlight_ftp_serverMatch1.52
| Vendor | Product | Version | CPE |
|---|---|---|---|
| xlight_ftp_server | xlight_ftp_server | 1.25 | cpe:2.3:a:xlight_ftp_server:xlight_ftp_server:1.25:*:*:*:*:*:*:* |
| xlight_ftp_server | xlight_ftp_server | 1.41 | cpe:2.3:a:xlight_ftp_server:xlight_ftp_server:1.41:*:*:*:*:*:*:* |
| xlight_ftp_server | xlight_ftp_server | 1.45 | cpe:2.3:a:xlight_ftp_server:xlight_ftp_server:1.45:*:*:*:*:*:*:* |
| xlight_ftp_server | xlight_ftp_server | 1.52 | cpe:2.3:a:xlight_ftp_server:xlight_ftp_server:1.52:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2004-0255
2004-03-18 05:00:00
exploitdb
exploitdb
Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service
2004-02-05 00:00:00
cve
cve
CVE-2004-0255
2004-11-23 05:00:00
nessus
nessus
Xlight FTP Server Multiple Remote Overflows
2004-02-16 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7
Confidence
High
EPSS
0.039
Percentile
92.1%
Related for NVD:CVE-2004-0255