Vulnerability Description
Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Texas Imperial Software | Wftpd | 3.0 |
References
- http://marc.info/?l=bugtraq&m=107801208004699&w=2
- http://secunia.com/advisories/11001
- http://www.securityfocus.com/bid/9767ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15340
- http://marc.info/?l=bugtraq&m=107801208004699&w=2
- http://secunia.com/advisories/11001
- http://www.securityfocus.com/bid/9767ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15340
FAQ
What is CVE-2004-0340?
CVE-2004-0340 is a vulnerability with a CVSS score of 7.2 (HIGH). Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NL...
How severe is CVE-2004-0340?
CVE-2004-0340 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0340?
Check the references section above for vendor advisories and patch information. Affected products include: Texas Imperial Software Wftpd.