CVE-2004-2675

Argosoft FTP Server < 1.4.1.5 - Denial of Service

Title source: rule

Description

ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Beyond Security · perldoswindows

https://www.exploit-db.com/exploits/23769

View Code ZIP pw:eip

References (6)

[Exploit, Patch] http://www.securityfocus.com/bid/9770

[Various Sources] http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx

[Patch] http://secunia.com/advisories/11002

[Various Sources] http://www.securiteam.com/windowsntfocus/5RP010KCAO.html

[Third Party Advisory, VDB Entry] http://www.osvdb.org/11332

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15412

Scores

EPSS 0.0785

EPSS Percentile 92.0%

Details

Status published

Products (1)

argosoft/ftp_server < 1.4.1.5

Published Dec 31, 2004

Tracked Since Feb 18, 2026