CVE-2004-0340

Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands.

Published: Nov 23, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0340
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
texas_imperial_software / wftpd	3.21	3.21.x
texas_imperial_software / wftpd	3.20	3.20.x
texas_imperial_software / wftpd	3.0_0r5	3.0_0r5.x
texas_imperial_software / wftpd	3.10_r1	3.10_r1.x
texas_imperial_software / wftpd	pro_3.21	pro_3.21.x
texas_imperial_software / wftpd	3.0	3.0.x
texas_imperial_software / wftpd	3.0_0r3	3.0_0r3.x
texas_imperial_software / wftpd	pro_3.20	pro_3.20.x
texas_imperial_software / wftpd	3.0_0r4	3.0_0r4.x
texas_imperial_software / wftpd	pro_3.10_r1	pro_3.10_r1.x

http://marc.info/?l=bugtraq&m=107801208004699&w=2
http://secunia.com/advisories/11001
http://www.securityfocus.com/bid/9767
https://exchange.xforce.ibmcloud.com/vulnerabilities/15340

Vulnerability Database

289,697

CVE-2004-0340