Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0346

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-0346
Last Modified 05 Sep 2008 04:38:11
Published 23 Nov 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0346

Summary

Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command.

Vulnerable Systems

Application

  • Proftpd Project Proftpd 1.2.7

  • Proftpd Project Proftpd 1.2.8

  • Proftpd Project Proftpd 1.2.9 Rc1

  • Proftpd Project Proftpd 1.2.9 Rc2


References

XF - proftpd-offbyone-bo(15387)

BID - 9782

BUGTRAQ - 20040302 The Cult of a Cardinal Number


Last Updated: 27 May 2016 10:38:34