2 matches found
CVE-2004-0042
CVE-2004-0042 concerns vsftpd 1.1.3, where the login error messages differ based on whether a supplied username exists. The underlying effect is information disclosure: remote attackers can determine valid usernames on the server. The available connected sources corroborate the version (vsftpd 1....
CVE-2004-2259
Vulnerability CVE-2004-2259 affects vsftpd before 1.2.2. Under heavy load, a SIGCHLD signal during malloc/free (non-reentrant) can cause the FTP daemon to crash, producing a denial of service. Multiple connected sources confirm a signal-handling bug where unsafe operations in signal handlers coul...