High

CVE-2004-0340 - Unspecified vulnerability in Texas Imperial Software Wftpd

Publication: 2004-11-23
Summary

Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands.

Risk level (CVSS 7.2)

High

7.2

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Texas Imperial Software Wftpd 3.0
  • Texas Imperial Software Wftpd pro_3.21
  • Texas Imperial Software Wftpd 3.0_0r3
  • Texas Imperial Software Wftpd 3.0_0r4
  • Texas Imperial Software Wftpd 3.0_0r4
  • Texas Imperial Software Wftpd 3.0_0r5
  • Texas Imperial Software Wftpd 3.0
  • Texas Imperial Software Wftpd 3.10_r1
  • Texas Imperial Software Wftpd 3.20
  • Texas Imperial Software Wftpd 3.21
  • Texas Imperial Software Wftpd pro_3.10_r1
  • Texas Imperial Software Wftpd pro_3.20
  • Texas Imperial Software Wftpd 3.0_0r5