WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, which allows local users to cause a denial of service (CPU consumption) by continuing to send a long command that does not contain a newline.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Wftpd | Texas_imperial_software | 3.0 (including) | 3.0 (including) |
Wftpd | Texas_imperial_software | 3.0_0r3 (including) | 3.0_0r3 (including) |
Wftpd | Texas_imperial_software | 3.0_0r4 (including) | 3.0_0r4 (including) |
Wftpd | Texas_imperial_software | 3.0_0r5 (including) | 3.0_0r5 (including) |
Wftpd | Texas_imperial_software | 3.10_r1 (including) | 3.10_r1 (including) |
Wftpd | Texas_imperial_software | 3.20 (including) | 3.20 (including) |
Wftpd | Texas_imperial_software | 3.21 (including) | 3.21 (including) |
Wftpd | Texas_imperial_software | pro_3.10_r1 (including) | pro_3.10_r1 (including) |
Wftpd | Texas_imperial_software | pro_3.20 (including) | pro_3.20 (including) |
Wftpd | Texas_imperial_software | pro_3.21 (including) | pro_3.21 (including) |