CVE-2004-0069

HD Soft Windows FTP Server <1.6 - RCE

Title source: llm

Description

Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mandragore · cremotewindows

https://www.exploit-db.com/exploits/23531

View Code ZIP pw:eip

References (4)

[Mailing List] http://marc.info/?l=bugtraq&m=107367110805273&w=2

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/9385

[Mailing List] http://marc.info/?l=bugtraq&m=107401398014761&w=2

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1008658

Scores

EPSS 0.0830

EPSS Percentile 92.3%

Details

Status published

Products (1)

hd_soft/windows_ftp_server < 1.6

Published Feb 17, 2004

Tracked Since Feb 18, 2026