CVE-2007-5300

Wzdftpd - Memory Corruption

Title source: rule

Description

Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote attackers to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by k1tk4t · perldoswindows

https://www.exploit-db.com/exploits/4498

View Code ZIP pw:eip

References (8)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/37010

[Vendor Advisory] http://secunia.com/advisories/27091

[Vendor Advisory] http://www.vupen.com/english/advisories/2007/3389

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/25967

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/37008

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4498

[Third Party Advisory] http://www.debian.org/security/2008/dsa-1452

[Vendor Advisory] http://secunia.com/advisories/28342

Scores

EPSS 0.1459

EPSS Percentile 94.5%

Details

CWE

CWE-119 CWE-189

Status published

Products (2)

wzdftpd/wzdftpd 0.8.0

wzdftpd/wzdftpd 0.8.2

Published Oct 09, 2007

Tracked Since Feb 18, 2026