Xlight 1.52, with log to screen enabled, allows remote malicious users to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xlight ftp server xlight ftp server 1.25 |
||
xlight ftp server xlight ftp server 1.41 |
||
xlight ftp server xlight ftp server 1.45 |
||
xlight ftp server xlight ftp server 1.52 |