Denial of Service Vulnerability in Xlight FTP Server by Xlight Software
CVE-2004-0287

Currently unrated

Key Information:

Vendor: Xlight Ftp Server
Status: Xlight Ftp Server
Vendor: CVE Published:; 23 November 2004

🔔 Create Xlight Ftp Server Vulnerability Alert

What is CVE-2004-0287?

The Xlight FTP Server version 1.52 is vulnerable to a denial of service attack triggered by remote authenticated users. When these users issue a RETR command that includes a long argument filled with multiple slash characters, it may lead to a crash of the FTP server. This issue possibly stems from a buffer overflow condition that fails to properly handle excessively long inputs, compromising the server's stability.

References

http://www.securityfocus.com/bid/9668

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/15220

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=107695172917263&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 23, 2004
Vulnerability Reserved
Mar 17, 2004