CVE Vulnerabilities

CVE-2004-0159

Published: Mar 15, 2004 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an ls command.

Affected Software

Name Vendor Start Version End Version
Hsftp Samhain_labs 1.4 1.4
Hsftp Samhain_labs 1.5 1.5
Hsftp Samhain_labs 1.6 1.6
Hsftp Samhain_labs 1.7 1.7
Hsftp Samhain_labs 1.9 1.9
Hsftp Samhain_labs 1.10 1.10
Hsftp Samhain_labs 1.11 1.11

References