Buffer Overflow in Vermillion FTP Daemon Allows Remote Exploitation
CVE-1999-1058

Currently unrated

Key Information:

Vendor: Arcane Software
Status: Vermillion Ftp Daemon
Vendor: CVE Published:; 22 November 1999

🔔 Create Arcane Software Vulnerability Alert

What is CVE-1999-1058?

The Vermillion FTP Daemon (VFTPD) version 1.23 is vulnerable to a buffer overflow attack due to improperly handled CWD commands. Remote attackers can exploit this vulnerability by sending specially crafted long CWD commands, leading to a denial of service. In some cases, this flaw may also allow attackers to execute arbitrary commands on the affected system, posing significant security risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/3543

vdb-entryx_refsource_XF

http://marc.info/?l=ntbugtraq&m=94337185023159&w=2

mailing-listx_refsource_NTBUGTRAQ

http://marc.info/?l=bugtraq&m=94329968617085&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Nov 22, 1999