RSS   Podatności dla 'Wzdftpd'   RSS

2007-10-09
 
CVE-2007-5300

CWE-189
 

 
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote attackers to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some of these details are obtained from third party information.

 
2007-01-22
 
CVE-2007-0428

CWE-Other
 

 
Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows remote attackers to cause a denial of service via a crafted FTP command, probably due to a NULL pointer dereference.

 
2005-09-27
 
CVE-2005-3081

 

 
wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command.

 
2003-08-07
 
CVE-2003-0477

 

 
wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command without an argument.

 


Copyright 2024, cxsecurity.com

 

Back to Top