Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-0340

Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands.

Published

2004-11-23T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

3.9

Impact Score

10.0

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application texas_imperial_software wftpd 3.0 Yes
Application texas_imperial_software wftpd 3.0 Yes
Application texas_imperial_software wftpd 3.0_0r3 Yes
Application texas_imperial_software wftpd 3.0_0r4 Yes
Application texas_imperial_software wftpd 3.0_0r4 Yes
Application texas_imperial_software wftpd 3.0_0r5 Yes
Application texas_imperial_software wftpd 3.0_0r5 Yes
Application texas_imperial_software wftpd 3.10_r1 Yes
Application texas_imperial_software wftpd 3.20 Yes
Application texas_imperial_software wftpd 3.21 Yes
Application texas_imperial_software wftpd pro_3.10_r1 Yes
Application texas_imperial_software wftpd pro_3.20 Yes
Application texas_imperial_software wftpd pro_3.21 Yes
References