Multiple format string vulnerabilities in the FTP service in 3Com 3CDaemon 2.0 revision 10 allow remote attackers to cause a denial of service (application crash) via format string specifiers in (1) the username, (2) cd, (3) delete, (4) rename, (5) rmdir, (6) literal, (7) stat, or (8) CWD commands.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| 3cdaemon | 3com | 2.0-revision_10 (including) | 2.0-revision_10 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=110485674622696\u0026w=2
- http://www.securityfocus.com/bid/12155
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18751
- http://marc.info/?l=bugtraq\u0026m=110485674622696\u0026w=2
- http://www.securityfocus.com/bid/12155
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18751