Required CVE Record Information
Description
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command.
References 5 Total
- osvdb.org: 4029 vdb-entry
- exchange.xforce.ibmcloud.com: hsftp-format-string(15276) vdb-entry
- securityfocus.com: 9715 vdb-entry
- lists.grok.org.uk: 20040223 Re: [SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability mailing-list
- debian.org: DSA-447 vendor-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- osvdb.org: 4029 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: hsftp-format-string(15276) vdb-entryx_transferred
- securityfocus.com: 9715 vdb-entryx_transferred
- lists.grok.org.uk: 20040223 Re: [SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability mailing-listx_transferred
- debian.org: DSA-447 vendor-advisoryx_transferred