Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0312

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-0312
Last Modified 05 Sep 2008 04:45:55
Published 27 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0312

Summary

WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string vulnerability.

Vulnerable Systems

Application

  • War Ftp Daemon 1.8

  • War Ftp Daemon 1.82 Rc9


References

BID - 12384

BUGTRAQ - 20050127 WarFTPD 1.82 RC9 DoS

XF - warftpd-cwd-dos(19129)

CONFIRM - http://support.jgaa.com/index.php?cmd=ShowReport&ID=02643


Last Updated: 27 May 2016 10:39:46