Buffer Overflow Vulnerability in FreeFTPd by freeFTPd
CVE-2005-3684

Currently unrated

Key Information:

Vendor

Freeftpd

Status
Freeftpd
Vendor
CVE Published:
19 November 2005

What is CVE-2005-3684?

FreeFTPd 1.0.8 contains multiple buffer overflow vulnerabilities that can be exploited by remote authenticated attackers. When logging is disabled, attackers can execute long MKD and DELE commands, potentially leading to application crashes or arbitrary code execution. The lack of proper bounds checking allows these commands to overflow the buffer, resulting in a denial of service and various security risks.

References

http://www.securityfocus.com/bid/15486
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2005/2471
vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/23118
vdb-entryx_refsource_XF

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.