CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0255

Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.047

EPSS Ranking 88.8%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=107605633904122&w=2
http://www.securityfocus.com/bid/9585
https://exchange.xforce.ibmcloud.com/vulnerabilities/15064
http://marc.info/?l=bugtraq&m=107605633904122&w=2
http://www.securityfocus.com/bid/9585
https://exchange.xforce.ibmcloud.com/vulnerabilities/15064

Products affected by CVE-2004-0255

Xlight Ftp Server » Xlight Ftp Server » Version: 1.25

cpe:2.3:a:xlight_ftp_server:xlight_ftp_server:1.25
Xlight Ftp Server » Xlight Ftp Server » Version: 1.41

cpe:2.3:a:xlight_ftp_server:xlight_ftp_server:1.41
Xlight Ftp Server » Xlight Ftp Server » Version: 1.45

cpe:2.3:a:xlight_ftp_server:xlight_ftp_server:1.45
Xlight Ftp Server » Xlight Ftp Server » Version: 1.52

cpe:2.3:a:xlight_ftp_server:xlight_ftp_server:1.52

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0255

Products

Pricing

Contact Us