Vulnerability Details : CVE-2004-0340
Potential exploit
Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands.
Vulnerability category: OverflowExecute code
Products affected by CVE-2004-0340
- cpe:2.3:a:texas_imperial_software:wftpd:3.0:*:pro:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r3:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r4:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r4:*:pro:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r5:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r5:*:pro:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.21:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:pro_3.10_r1:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.10_r1:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:3.20:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:pro_3.20:*:*:*:*:*:*:*
- cpe:2.3:a:texas_imperial_software:wftpd:pro_3.21:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-0340
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 31 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-0340
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2004-0340
-
http://marc.info/?l=bugtraq&m=107801208004699&w=2
-
http://secunia.com/advisories/11001
About Secunia Research | Flexera
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/15340
-
http://www.securityfocus.com/bid/9767
Exploit;Patch;Vendor Advisory
Jump to