NVD

Id
57376  
Name
CVE-2007-5300  
Description
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote attackers to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-07  
Published
2007-10-09  
Modified Date
2011-08-30  
Seq
2007-5300  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
293159 57376 CVE-2007-5300 4498  View
293160 57376 CVE-2007-5300 DSA-1452  View
293161 57376 CVE-2007-5300 25967  View
293162 57376 CVE-2007-5300 ADV-2007-3389  View
293163 57376 CVE-2007-5300 wzdftpd-dologinloop-bo(37008)  View
293164 57376 CVE-2007-5300 wzdftpd-user-dos(37010)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57500 JVNDB-2007-006192 wzdftpd の libwzd-core/wzd_login.c におけるサービス運用妨害 (DoS) の脆弱性 wzdftpd の libwzd-core/wzd_login.c の do_login_loop 関数は、一つずれエラー (Off-by-one) が発生するため、サービス運用妨害 (デーモンクラッシュ) 状態となる脆弱性が存在します。 CVE-2007-5300 28655 CVE-2007-5300 57376 5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006192.html 2007-10-09 2012-12-20 View