Back to search
CVE-2004-0342
Published: Mar 18, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service (crash) via a (1) MKD or (2) XMKD command that causes an absolute path of 260 characters to be used, which overwrites a cookie with a null character, possibly due to an off-by-one error.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20040228 Multiple WFTPD Denial of Service vulnerabilities
mailing-list
x_refsource_BUGTRAQ
4116
vdb-entry
x_refsource_OSVDB
11001
third-party-advisory
x_refsource_SECUNIA
wftpd-ftp-command-dos(15342)
vdb-entry
x_refsource_XF
9767
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now