CVE-2004-1294

The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / (slash) characters.
Configurations

Configuration 1 (hide)

cpe:2.3:a:luke_mewburn:tnftp:2003-08-25:*:*:*:*:*:*:*

History

20 Nov 2024, 23:50

Type Values Removed Values Added
References () http://tigger.uic.edu/~jlongs2/holes/tnftp.txt - Exploit, Vendor Advisory () http://tigger.uic.edu/~jlongs2/holes/tnftp.txt - Exploit, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/18560 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/18560 -

Information

Published : 2005-01-10 05:00

Updated : 2024-11-20 23:50


NVD link : CVE-2004-1294

Mitre link : CVE-2004-1294

CVE.ORG link : CVE-2004-1294


JSON object : View

Products Affected

luke_mewburn

  • tnftp