VAR-200701-0599
Vulnerability from variot - Updated: 2022-05-17 01:58WzdFTPD is an ftp server that runs on the linux/win32/freebsd/openbsd platform. WzdFTPD has a vulnerability in handling malformed user requests, and remote attackers can cause WzdFTPD to refuse service by sending a specially crafted FTP command. The 'wzdftpd' program is prone to multiple remote denial-of-service vulnerabilities. Exploiting these issues allows remote attackers to crash the application, denying further service to legitimate users. These issues reportedly affect versions prior to 0.8.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0599",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.8"
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.7.3"
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.7.2"
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.7.1"
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.7"
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.6"
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.5.4"
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.5.2"
},
{
"model": "rc5",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.1"
},
{
"model": "rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.1"
},
{
"model": "cvs-20030613",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.1"
},
{
"model": "wzdftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.1"
},
{
"model": "wzdftpd",
"scope": "ne",
"trust": 0.3,
"vendor": "wzdftpd",
"version": "0.8.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-0484"
},
{
"db": "BID",
"id": "22152"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jose Miguel Esparza is credited with the discovery of these vulnerabilities.",
"sources": [
{
"db": "BID",
"id": "22152"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2007-0484",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2007-0484",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-0484"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WzdFTPD is an ftp server that runs on the linux/win32/freebsd/openbsd platform. WzdFTPD has a vulnerability in handling malformed user requests, and remote attackers can cause WzdFTPD to refuse service by sending a specially crafted FTP command. The \u0027wzdftpd\u0027 program is prone to multiple remote denial-of-service vulnerabilities. \nExploiting these issues allows remote attackers to crash the application, denying further service to legitimate users. \nThese issues reportedly affect versions prior to 0.8.1",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-0484"
},
{
"db": "BID",
"id": "22152"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22152",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2007-0484",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-0484"
},
{
"db": "BID",
"id": "22152"
}
]
},
"id": "VAR-200701-0599",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-0484"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-0484"
}
]
},
"last_update_date": "2022-05-17T01:58:14.483000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.s21sec.com/avisos/s21sec-033-en.txt"
},
{
"trust": 0.3,
"url": "http://www.wzdftpd.net/"
}
],
"sources": [
{
"db": "BID",
"id": "22152"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2007-0484"
},
{
"db": "BID",
"id": "22152"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2007-0484"
},
{
"date": "2007-01-19T00:00:00",
"db": "BID",
"id": "22152"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2007-0484"
},
{
"date": "2007-01-25T16:24:00",
"db": "BID",
"id": "22152"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "22152"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WzdFTPD Remote Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-0484"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "22152"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…