CVE-2004-0340

WFTPD Pro <3.21 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rdxaxl · cremotewindows

https://www.exploit-db.com/exploits/159

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15340

[Third Party Advisory] http://secunia.com/advisories/11001

[Mailing List] http://marc.info/?l=bugtraq&m=107801208004699&w=2

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/9767

Scores

EPSS 0.0014

EPSS Percentile 33.9%

Details

Status published

Products (10)

texas_imperial_software/wftpd 3.0 (2 CPE variants)

texas_imperial_software/wftpd 3.0_0r3

texas_imperial_software/wftpd 3.0_0r4 (2 CPE variants)

texas_imperial_software/wftpd 3.0_0r5 (2 CPE variants)

texas_imperial_software/wftpd 3.10_r1

texas_imperial_software/wftpd 3.20

texas_imperial_software/wftpd 3.21

texas_imperial_software/wftpd pro_3.10_r1

texas_imperial_software/wftpd pro_3.20

texas_imperial_software/wftpd pro_3.21

Published Nov 23, 2004

Tracked Since Feb 18, 2026