Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2037

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-2037
Last Modified 05 Sep 2008 04:43:01
Published 24 Mar 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2037

Summary

Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long CWD command, as demonstrated in one example by using the "cd" command in an interactive FTP client.

Vulnerable Systems

Application

  • Mollensoft Software Lightweight Ftp Server 3.6


References

XF - mollensoft-cwd-command-bo(16237)

OSVDB - 6412

XF - mollensoft-cd-bo(16303)

BID - 10429

BID - 10409

BUGTRAQ - 20040601 Mollensoft Lightweight FTP Server CWD Buffer Overflow

BUGTRAQ - 20040528 Mollensoft ftp Server ver 3.6 Buffer overflow

SECTRACK - 1010328


Last Updated: 27 May 2016 10:39:18