| |
Vulnerability CVE-2004-0340
Published: 2004-11-23 Modified: 2012-02-12
| Description: |
Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands. |
CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.2/10 |
10/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
Complete |
Complete |
References: |
http://marc.info/?l=bugtraq&m=107801208004699&w=2
http://www.securityfocus.com/bid/9767
http://xforce.iss.net/xforce/xfdb/15340
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
