Lucene search

[email protected]CVE-2004-0277

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0277

2004-11-2305:00:00

[email protected]

web.nvd.nist.gov

cve-2004-0277

dream ftp

format string vulnerability

remote attackers

denial of service

crash

arbitrary code

nvd

security issue

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.112 Low

EPSS

Percentile

95.2%

JSON

Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.

Affected configurations

NVD

Node

bolintechdream_ftp_serverMatch1.02

CPENameOperatorVersion
bolintech:dream_ftp_serverbolintech dream ftp servereq1.02

CPE	Name	Operator	Version
bolintech:dream_ftp_server	bolintech dream ftp server	eq	1.02

References

lists.grok.org.uk/pipermail/full-disclosure/2004-February/016871.html

marc.info/?l=bugtraq&m=107656166402882&w=2

www.security-protocols.com/modules.php?name=News&file=article&sid=1722

www.securityfocus.com/bid/9600

exchange.xforce.ibmcloud.com/vulnerabilities/15070

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.112 Low

EPSS

Percentile

95.2%

JSON

Related for CVE-2004-0277

cvelist1 exploitdb1 nvd1