CVE-2004-0656

The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.gentoo.org/security/en/glsa/glsa-200407-04.xml	Patch Vendor Advisory
http://www.pureftpd.org/
https://exchange.xforce.ibmcloud.com/vulnerabilities/16611

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:pureftpd:pureftpd:0.96:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.1:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.2:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.3:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.4:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.5:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.11:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.12:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.13a:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.14:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.15:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.16:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.16a:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.16b:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.16c:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.17a:::::::*
	cpe:2.3:a:pureftpd:pureftpd:1.0.18:::::::*

History

No history.

Information

Published : 2004-08-06 04:00

Updated : 2023-12-10 10:17

NVD link : CVE-2004-0656

Mitre link : CVE-2004-0656

CVE.ORG link : CVE-2004-0656

JSON object : View

Products Affected

pureftpd

pureftpd

CWE

NVD-CWE-Other

{"id": "CVE-2004-0656", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-08-06T04:00:00.000", "references": [{"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-04.xml", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.pureftpd.org/", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16611", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections."}, {"lang": "es", "value": "La funci\u00f3n accpt_client en PureFTPd 1.0.18 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio excediendo el m\u00e1ximo n\u00famero de conexiones."}], "lastModified": "2017-07-11T01:30:21.057", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pureftpd:pureftpd:0.96:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83BFFA9C-74F8-4CD3-8846-07795DAEA066"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A934B47-2D3D-4464-88EC-2D738E2220C9"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55C1B110-F5C8-4B2D-86E5-66617C4F6D23"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CCB444-9CBB-44AF-B742-A59827BDFEF9"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EB5B90C-961A-47B5-9AC1-0F0283EA4500"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DC3A0FD-2290-4AF9-814A-4B265C9540E6"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A64F72D9-EBE5-4A2B-BCE8-9DD8787D0447"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB91FA0F-A402-4139-B115-2EE0457FA97D"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D709CE96-FFF2-4C9E-90CB-35C6AFED6C69"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.13a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C6D4ACC-90AB-405C-8254-337B5424F71B"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0B2E6FF-5155-4E2D-8E48-F1B75A595B28"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "278778A3-3BE3-464F-AA9C-66905BB21076"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBD52EC6-9606-4E7E-97CA-EA8DF3484876"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.16a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF1B2667-7D67-487D-87D6-6A2F7155F907"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.16b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF2FC6BA-4D69-4250-8E28-469F4BCAD1EC"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.16c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9F22F3C-9129-4A93-A692-AA555830E9AD"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.17a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDB7C7D5-1A65-4FCA-AE42-270F7EADA318"}, {"criteria": "cpe:2.3:a:pureftpd:pureftpd:1.0.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFF3738C-2A3F-4521-97BF-8803D72A6D58"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}