OpenCVE

Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
3com	3cdaemon

Configuration 1 [-]

cpe:2.3:a:3com:3cdaemon:2.0:revision_10:*:*:*:*:*:*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=110485674622696&w=2
http://marc.info/?l=bugtraq&m=110886719528518&w=2
http://www.securityfocus.com/bid/12155
https://exchange.xforce.ibmcloud.com/vulnerabilities/18754

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-02-10T05:00:00

Updated: 2024-08-07T21:05:25.546Z

Reserved: 2005-02-10T00:00:00

Link: CVE-2005-0277

Vulnrichment

No data.

NVD

Status : Modified

Published: 2005-05-02T04:00:00.000

Modified: 2024-11-20T23:54:47.160

Link: CVE-2005-0277

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-01-04T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "12155", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/12155"}, {"name": "3cdaemon-long-command-dos(18754)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18754"}, {"name": "20050104 3Com 3CDaemon Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=110485674622696&w=2"}, {"name": "20050218 3com 3CDaemon FTP Unauthorized \"USER\" Remote BOverflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=110886719528518&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0277", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "12155", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12155"}, {"name": "3cdaemon-long-command-dos(18754)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18754"}, {"name": "20050104 3Com 3CDaemon Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=110485674622696&w=2"}, {"name": "20050218 3com 3CDaemon FTP Unauthorized \"USER\" Remote BOverflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=110886719528518&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T21:05:25.546Z"}, "title": "CVE Program Container", "references": [{"name": "12155", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/12155"}, {"name": "3cdaemon-long-command-dos(18754)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18754"}, {"name": "20050104 3Com 3CDaemon Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=110485674622696&w=2"}, {"name": "20050218 3com 3CDaemon FTP Unauthorized \"USER\" Remote BOverflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=110886719528518&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0277", "datePublished": "2005-02-10T05:00:00", "dateReserved": "2005-02-10T00:00:00", "dateUpdated": "2024-08-07T21:05:25.546Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}