Vulnerabilities > CVE-2004-0255 - Remote Denial Of Service vulnerability in XLight FTP Server Long Directory Request
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Exploit-Db
description | XLight FTP Server 1.x Long Directory Request Remote Denial Of Service Vulnerability. CVE-2004-0255. Dos exploit for windows platform |
id | EDB-ID:23654 |
last seen | 2016-02-02 |
modified | 2004-02-05 |
published | 2004-02-05 |
reporter | intuit |
source | https://www.exploit-db.com/download/23654/ |
title | XLight FTP Server 1.x Long Directory Request Remote Denial of Service Vulnerability |
Nessus
NASL family | FTP |
NASL id | FTP_XLIGHT_OVERFLOW.NASL |
description | The remot ehost is running a verion of the Xlight FTP server earlier than 1.53. Such versions are reportedly affected by multiple remote buffer overflow vulnerabilities. An attacker could exploit these flaws in order to crash the affected service. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 12056 |
published | 2004-02-16 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/12056 |
title | Xlight FTP Server Multiple Remote Overflows |
code |
|