Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0277

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0277
Last Modified 05 Sep 2008 04:38:00
Published 23 Nov 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0277

Summary

Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.

Vulnerable Systems

Application

  • Bolintech Dream Ftp Server 1.02


References

XF - dreamftp-username-format-string(15070)

BID - 9600

MISC - http://www.security-protocols.com/modules.php?name=News&file=article&sid=1722

BUGTRAQ - 20040211 Re: [Full-Disclosure] DreamFTP Server 1.02 Buffer Overflow

FULLDISC - 20040207 DreamFTP Server 1.02 Buffer Overflow


Last Updated: 27 May 2016 10:38:32