CVE-2004-0325

TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumption) via "//../" arguments to (1) mkd, (2) xmkd, (3) dele, (4) size, (5) retr, (6) stor, (7) appe, (8) rnfr, (9) rnto, (10) rmd, or (11) xrmd, as demonstrated using "//../qwerty".

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0325
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
typsoft / typsoft_ftp_server	1.10	1.10.x

http://marc.info/?l=bugtraq&m=107764173821905&w=2
http://www.securityfocus.com/bid/9702
https://exchange.xforce.ibmcloud.com/vulnerabilities/15306

Vulnerability Database

CVE-2004-0325