CVE-2004-0341

WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, which allows local users to cause a denial of service (CPU consumption) by continuing to send a long command that does not contain a newline.

Published: Nov 23, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0341
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
texas_imperial_software / wftpd	3.21	3.21.x
texas_imperial_software / wftpd	3.20	3.20.x
texas_imperial_software / wftpd	3.0_0r5	3.0_0r5.x
texas_imperial_software / wftpd	3.10_r1	3.10_r1.x
texas_imperial_software / wftpd	pro_3.21	pro_3.21.x
texas_imperial_software / wftpd	3.0	3.0.x
texas_imperial_software / wftpd	3.0_0r3	3.0_0r3.x
texas_imperial_software / wftpd	pro_3.20	pro_3.20.x
texas_imperial_software / wftpd	3.0_0r4	3.0_0r4.x
texas_imperial_software / wftpd	pro_3.10_r1	pro_3.10_r1.x

http://marc.info/?l=bugtraq&m=107801142924976&w=2
http://secunia.com/advisories/11001
http://www.osvdb.org/4115
http://www.securityfocus.com/bid/9767
https://exchange.xforce.ibmcloud.com/vulnerabilities/15341

Vulnerability Database

289,697

CVE-2004-0341