CVE Vulnerabilities

CVE-2004-0342

Published: Nov 23, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service (crash) via a (1) MKD or (2) XMKD command that causes an absolute path of 260 characters to be used, which overwrites a cookie with a null character, possibly due to an off-by-one error.

Affected Software

Name Vendor Start Version End Version
Wftpd Texas_imperial_software 3.0 3.0
Wftpd Texas_imperial_software 3.0 3.0
Wftpd Texas_imperial_software 3.0_0r3 3.0_0r3
Wftpd Texas_imperial_software 3.0_0r4 3.0_0r4
Wftpd Texas_imperial_software 3.0_0r4 3.0_0r4
Wftpd Texas_imperial_software 3.0_0r5 3.0_0r5
Wftpd Texas_imperial_software 3.0_0r5 3.0_0r5
Wftpd Texas_imperial_software 3.10_r1 3.10_r1
Wftpd Texas_imperial_software 3.20 3.20
Wftpd Texas_imperial_software 3.21 3.21
Wftpd Texas_imperial_software pro_3.10_r1 pro_3.10_r1
Wftpd Texas_imperial_software pro_3.20 pro_3.20
Wftpd Texas_imperial_software pro_3.21 pro_3.21

References