Vulnerabilities > CVE-1999-1058 - Unspecified vulnerability in Arcane Software Vermillion FTP Daemon 1.23
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | FTP |
| NASL id | VFTPD_OVERFLOW.NASL |
| description | It was possible to make the remote FTP server crash by issuing the commands : CWD <buffer> CWD <buffer> CWD <buffer> Where <buffer> is longer than 504 chars. An attacker can use this problem to prevent your FTP server from working properly, thus preventing legitimate users from using it. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10293 |
| published | 1999-11-22 |
| reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10293 |
| title | Vermillion FTPD Long CWD Commands DoS |