Vulnerability Description
ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted.
CVSS Score
6.8
MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Argosoft | Ftp Server | <= 1.4.1.5 |
References
- http://secunia.com/advisories/11002Patch
- http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx
- http://www.osvdb.org/11332
- http://www.securiteam.com/windowsntfocus/5RP010KCAO.html
- http://www.securityfocus.com/bid/9770ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15412
- http://secunia.com/advisories/11002Patch
- http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx
- http://www.osvdb.org/11332
- http://www.securiteam.com/windowsntfocus/5RP010KCAO.html
- http://www.securityfocus.com/bid/9770ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15412
FAQ
What is CVE-2004-2675?
CVE-2004-2675 is a vulnerability with a CVSS score of 6.8 (MEDIUM). ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrup...
How severe is CVE-2004-2675?
CVE-2004-2675 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2675?
Check the references section above for vendor advisories and patch information. Affected products include: Argosoft Ftp Server.