CVE Vulnerabilities

CVE-2004-0255

Published: Nov 23, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.

Affected Software

Name Vendor Start Version End Version
Xlight_ftp_server Xlight_ftp_server 1.25 1.25
Xlight_ftp_server Xlight_ftp_server 1.41 1.41
Xlight_ftp_server Xlight_ftp_server 1.45 1.45
Xlight_ftp_server Xlight_ftp_server 1.52 1.52

References