CVE-2004-1642

WFTPD Pro Server 3.21 - Authenticated Denial of Service via Long MLIST Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1642. PoCs published by lion.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in WFTPD Pro Server 3.21 via the MLST command. It sends increasingly large buffers to trigger a denial-of-service (DoS) condition.

Description

WFTPD Pro Server 3.21 allows remote authenticated users to cause a denial of service (crash) via a series of long MLIST commands.

Exploits (1)

exploitdb WORKING POC VERIFIED

by lion · cdoswindows

https://www.exploit-db.com/exploits/427

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in WFTPD Pro Server 3.21 via the MLST command. It sends increasingly large buffers to trigger a denial-of-service (DoS) condition.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: WFTPD Pro Server 3.21

Auth required

Prerequisites: Network access to the target FTP server · Valid FTP credentials (anonymous by default)

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=109396193723317&w=2

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11067

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17169

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/12420

Scores

EPSS 0.0312

EPSS Percentile 86.1%

Details

Status published

Products (4)

texas_imperial_software/wftpd 3.21

texas_imperial_software/wftpd 3.21_r1

texas_imperial_software/wftpd 3.21_r2

texas_imperial_software/wftpd 3.21_r3

Published Aug 29, 2004

Tracked Since Feb 18, 2026