Texas Imperial Software: >> Wftpd >> 3.0 Security Vulnerabilities
Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands.
CVSS Score
7.2
EPSS Score
0.001
Published
2004-11-23
WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, which allows local users to cause a denial of service (CPU consumption) by continuing to send a long command that does not contain a newline.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-11-23
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
CVSS Score
5.0
EPSS Score
0.002
Published
2001-01-09