CVE-2004-0794 - Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authe

CVE-2004-0794

Summary

Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authenticated attackers to cause a denial of service or execute arbitrary code.

References

Vulnerable Configurations

cpe:2.3:a:luke_mewburn:lukemftp:1.1:*:*:*:*:*:*:*
cpe:2.3:a:luke_mewburn:lukemftp:1.1:*:*:*:*:*:*:*
cpe:2.3:a:luke_mewburn:lukemftp:1.5:*:*:*:*:*:*:*
cpe:2.3:a:luke_mewburn:lukemftp:1.5:*:*:*:*:*:*:*
cpe:2.3:a:luke_mewburn:tnftpd:2003-12-17:*:*:*:*:*:*:*
cpe:2.3:a:luke_mewburn:tnftpd:2003-12-17:*:*:*:*:*:*:*

CVSS

Base:	5.1 (as of 11-07-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:P

refmap via4

confirm	http://www.vuxml.org/freebsd/c4b025bb-f05d-11d8-9837-000c41e2cdad.html
debian	DSA-551
fulldisc	20040817 Multiple remote vulnerabilities in lukemftpd aka. tnftpd
netbsd	NetBSD-SA2004-009
xf	tnftpd-gain-access(17020)

Last major update

11-07-2017 - 01:30

Published

20-10-2004 - 04:00

Last modified

11-07-2017 - 01:30