Vulnerabilities > CVE-2006-5789 - Resource Management Errors vulnerability in Jgaa Warftpd 1.82.00Rc11
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated users to cause a denial of service via a large number of "%s" format strings in (1) CWD, (2) CDUP, (3) DELE, (4) NLST, (5) LIST, (6) SIZE, and possibly other commands. NOTE: it is possible that vector 1 is an off-by-one variant or incomplete fix of CVE-2005-0312.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://secunia.com/advisories/22755
- http://securityreason.com/securityalert/1832
- http://securitytracker.com/id?1017174
- http://www.securityfocus.com/archive/1/450804/100/0/threaded
- http://www.securityfocus.com/bid/20944
- http://www.vupen.com/english/advisories/2006/4398
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30077