CVE-2007-0428 - Vulnerability Details - OpenCVE

Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows remote attackers to cause a denial of service via a crafted FTP command, probably due to a NULL pointer dereference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wzdftpd	Wzdftpd

Configuration 1 [-]

cpe:2.3:a:wzdftpd:wzdftpd:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051896.html
http://osvdb.org/32941
http://secunia.com/advisories/23852
http://securityreason.com/securityalert/2171
http://securitytracker.com/id?1017537
http://www.s21sec.com/avisos/s21sec-033-en.txt
http://www.securityfocus.com/archive/1/457454/100/0/threaded
http://www.vupen.com/english/advisories/2007/0277
https://exchange.xforce.ibmcloud.com/vulnerabilities/31599

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-01-23T02:00:00

Updated: 2024-08-07T12:19:30.166Z

Reserved: 2007-01-22T00:00:00

Link: CVE-2007-0428

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-01-23T02:28:00.000

Modified: 2024-11-21T00:25:50.527

Link: CVE-2007-0428

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-01-19T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows remote attackers to cause a denial of service via a crafted FTP command, probably due to a NULL pointer dereference."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23852", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23852"}, {"tags": ["x_refsource_MISC"], "url": "http://www.s21sec.com/avisos/s21sec-033-en.txt"}, {"name": "wzdftpd-ftp-dos(31599)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31599"}, {"name": "2171", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/2171"}, {"name": "ADV-2007-0277", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0277"}, {"name": "32941", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/32941"}, {"name": "1017537", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017537"}, {"name": "20070119 WzdFTPD < 8.1 Denial of service", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051896.html"}, {"name": "20070119 WzdFTPD < 8.1 Denial of service", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/457454/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0428", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows remote attackers to cause a denial of service via a crafted FTP command, probably due to a NULL pointer dereference."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23852", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23852"}, {"name": "http://www.s21sec.com/avisos/s21sec-033-en.txt", "refsource": "MISC", "url": "http://www.s21sec.com/avisos/s21sec-033-en.txt"}, {"name": "wzdftpd-ftp-dos(31599)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31599"}, {"name": "2171", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2171"}, {"name": "ADV-2007-0277", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0277"}, {"name": "32941", "refsource": "OSVDB", "url": "http://osvdb.org/32941"}, {"name": "1017537", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017537"}, {"name": "20070119 WzdFTPD < 8.1 Denial of service", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051896.html"}, {"name": "20070119 WzdFTPD < 8.1 Denial of service", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/457454/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:19:30.166Z"}, "title": "CVE Program Container", "references": [{"name": "23852", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23852"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.s21sec.com/avisos/s21sec-033-en.txt"}, {"name": "wzdftpd-ftp-dos(31599)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31599"}, {"name": "2171", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/2171"}, {"name": "ADV-2007-0277", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0277"}, {"name": "32941", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/32941"}, {"name": "1017537", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017537"}, {"name": "20070119 WzdFTPD < 8.1 Denial of service", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051896.html"}, {"name": "20070119 WzdFTPD < 8.1 Denial of service", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/457454/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0428", "datePublished": "2007-01-23T02:00:00", "dateReserved": "2007-01-22T00:00:00", "dateUpdated": "2024-08-07T12:19:30.166Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wzdftpd:wzdftpd:*:*:*:*:*:*:*:*", "matchCriteriaId": "B27B6C23-91CA-4AB2-8A52-1540D828C0C0", "versionEndIncluding": "8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows remote attackers to cause a denial of service via a crafted FTP command, probably due to a NULL pointer dereference."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la funci\u00f3n chtbl_lookup de hash.c para WzdFTPD 8.0 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio mediante un comando FTP manipulado, probablemente debido a una referencia a puntero nulo (NULL)."}], "id": "CVE-2007-0428", "lastModified": "2024-11-21T00:25:50.527", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-01-23T02:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051896.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/32941"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23852"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2171"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://securitytracker.com/id?1017537"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.s21sec.com/avisos/s21sec-033-en.txt"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/457454/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0277"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31599"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051896.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/32941"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23852"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://securitytracker.com/id?1017537"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.s21sec.com/avisos/s21sec-033-en.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/457454/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0277"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31599"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}