CVE-2007-5300

Published: 09/10/2007 Updated: 19/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote malicious users to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some of these details are obtained from third party information.

Vulnerable Product

wzdftpd wzdftpd 0.8.0

wzdftpd wzdftpd 0.8.2

Vendor Advisories

k1tk4t discovered that wzdftpd, a portable, modular, small and efficient ftp server, did not correctly handle the receipt of long usernames. This could allow remote users to cause the daemon to exit. For the old stable distribution (sarge), this problem has been fixed in version 052-11sarge3. For the stable distribution (etch), this problem has ...

Exploits

# Indonesian Newhack Security Advisory
# ------------------------------------
# wzdftpd <= 0.8.0 (USER) Remote Denial of Service
# Time : Oct 07 2007 05:00AM
# Software : wzdftpd 0.8.0
# Version : 0.8.0 Linux and Windows
# Vendor : wwwwzdftpdnet/
# Found by : k1tk4t | newhackorg
# ...