Published: 23/11/2004 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Xlight 1.52, with log to screen enabled, allows remote malicious users to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xlight ftp server xlight ftp server 1.25
xlight ftp server xlight ftp server 1.41
xlight ftp server xlight ftp server 1.45
xlight ftp server xlight ftp server 1.52

source: wwwsecurityfocuscom/bid/9585/info A problem in the handling of large requests has been reported to result in service instability in XLight FTP Server under some circumstances Because of this, it may be possible for a remote attacker to deny service to legitimate users of the software ftp://user@127001/ ...

NVD-CWE-Other http://www.securityfocus.com/bid/9585 http://marc.info/?l=bugtraq&m=107605633904122&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15064 https://nvd.nist.gov https://www.exploit-db.com/exploits/23654/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0255

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect