Vulnerability Description
Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a LIST command containing a large number of / (slash), * (wildcard), and .. characters.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Galacticomm Technologies | Worldgroup | 3.20 |
| Galacticomm Technologies | Worldgroup Lite Personal Server | 3.20 |
References
- http://marc.info/?l=bugtraq&m=101484128203523&w=2
- http://www.iss.net/security_center/static/8297.phpVendor Advisory
- http://www.securityfocus.com/bid/4185ExploitVendor Advisory
- http://marc.info/?l=bugtraq&m=101484128203523&w=2
- http://www.iss.net/security_center/static/8297.phpVendor Advisory
- http://www.securityfocus.com/bid/4185ExploitVendor Advisory
FAQ
What is CVE-2002-0336?
CVE-2002-0336 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a LIST command containing a large n...
How severe is CVE-2002-0336?
CVE-2002-0336 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0336?
Check the references section above for vendor advisories and patch information. Affected products include: Galacticomm Technologies Worldgroup, Galacticomm Technologies Worldgroup Lite Personal Server.