CVE-2004-0255
Xlight FTP Server 1.52 - Denial of Service via Long Directory Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-0255. PoCs published by intuit.
AI-analyzed exploit summary This exploit targets a denial-of-service vulnerability in XLight FTP Server by sending an excessively long path in an FTP request, causing service instability. The PoC demonstrates the issue by crafting a malformed FTP URL with an extended path.
Description
Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.
Exploits (1)
This exploit targets a denial-of-service vulnerability in XLight FTP Server by sending an excessively long path in an FTP request, causing service instability. The PoC demonstrates the issue by crafting a malformed FTP URL with an extended path.