Published: 01/02/2000 Updated: 18/10/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jgaa warftpd 1.66x4s
jgaa warftpd 1.67.3

source: wwwsecurityfocuscom/bid/966/info War-FTPd 167 and possibly previous versions are susceptible to a buffer overflow DoS attack Due to improper bounds checking in the code that handles MKD and CWD commands, it is possible to remotely crash the server by submitting extremely long pathnames as arguments to either command /*------ ...

Ivan Ricart Borges - WarFTP is prone to a stack-based buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer.

Buffer Overflow War FTP Daemon - CVE-2007-1567 Type: Unavailable / Other Severity: High Publication date: 03/21/2007 Last modified: 03/07/2011 Description Stack-based buffer overflow in War FTP Daemon 165, and possibly earlier, allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors, as demonstrated by warftp_165tar by Immunity

NVD-CWE-Other http://www.securityfocus.com/bid/966 http://www.osvdb.org/4677 http://marc.info/?l=bugtraq&m=94960703721503&w=2 https://nvd.nist.gov https://github.com/iricartb/buffer-overflow-warftp-1.65 https://www.exploit-db.com/exploits/19740/

CVE-2000-0131

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect