CVE

Id
28657  
CVE No.
CVE-2007-5300  
Status
Candidate  
Description
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote attackers to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some of these details are obtained from third party information.  
Phase
Assigned (20071009)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
298617 28657 CVE-2007-5300 MILW0RM:4498  View
298618 28657 CVE-2007-5300 URL:http://milw0rm.com/exploits/4498  View
298619 28657 CVE-2007-5300 DEBIAN:DSA-1452  View
298620 28657 CVE-2007-5300 URL:http://www.debian.org/security/2008/dsa-1452  View
298621 28657 CVE-2007-5300 BID:25967  View
298622 28657 CVE-2007-5300 URL:http://www.securityfocus.com/bid/25967  View
298623 28657 CVE-2007-5300 VUPEN:ADV-2007-3389  View
298624 28657 CVE-2007-5300 URL:http://www.vupen.com/english/advisories/2007/3389  View
298625 28657 CVE-2007-5300 SECUNIA:27091  View
298626 28657 CVE-2007-5300 URL:http://secunia.com/advisories/27091  View
298627 28657 CVE-2007-5300 SECUNIA:28342  View
298628 28657 CVE-2007-5300 URL:http://secunia.com/advisories/28342  View
298629 28657 CVE-2007-5300 XF:wzdftpd-dologinloop-bo(37008)  View
298630 28657 CVE-2007-5300 URL:http://xforce.iss.net/xforce/xfdb/37008  View
298631 28657 CVE-2007-5300 XF:wzdftpd-user-dos(37010)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
55796 JVNDB-2007-004488 Linux および Windows の HP-UX および SMH におけるクロスサイトスクリプティングの脆弱性 Linux および Windows の HP-UX および SMH の HP System Management Homepage (SMH) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2007-5302 28657 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-004488.html  View