CyberSec.Space Logo
CVEブラウザに戻る

CVE-2009-5141

MEDIUM
4.0
CVSS Severity Score
EPSS Score0.1520%
EPSS Percentile39.76th
Published2014年4月1日
Last Modified2026年5月6日

Vulnerability Description

Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command.

Affected Platforms (CPE)

📦
Jgaa

Warftpd

= 1.8.2

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2009-09/0105.html
🔗 http://www.exploit-db.com/exploits/9622
🔗 http://www.osvdb.org/62599
🔗 http://www.warftp.org/index.php?menu=338&cmd=show_article&article_id=1003
🔗 https://www.corelan.be/index.php/forum/security-advisories-archive-2009/corelan-09001-warftpd-1-82-rc12-dos/
🔗 http://archives.neohapsis.com/archives/bugtraq/2009-09/0105.html
🔗 http://www.exploit-db.com/exploits/9622
🔗 http://www.osvdb.org/62599

関連する脆弱性情報

CVE-2013-227810.0

Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a ...

CVE-2006-21716.4

Buffer overflow in WDM.exe in WarFTPD allows remote attackers to execute arbitrary code via unspecified arguments, as demonstrated...

CVE-2006-57894.0

War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated users to cause a denial of service via a large number of "%s" fo...

CVE-2005-03122.1

WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation)...