MidnightBSD

Advisories for xlight_ftp_server

CVE-2004-0255 MEDIUM

Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
xlight_ftp_server xlight_ftp_server 1.52
xlight_ftp_server xlight_ftp_server 1.45
xlight_ftp_server xlight_ftp_server 1.25
xlight_ftp_server xlight_ftp_server 1.41
CVE-2004-0287 MEDIUM

Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a RETR command with a long argument containing a large number of / (slash) characters, possibly triggering a buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
xlight_ftp_server xlight_ftp_server 1.52