CVE-2004-0432
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
ProFTPD 1.2.9 trata las directivas Permitir y Denegar para ACLS basadas en CIDR como si fueran AllowAll (Permitir Todo), lo que podrĂa permitir a clientes FTP saltarse las restricciones de acceso pretendidas.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-05-03 CVE Reserved
- 2004-05-05 CVE Published
- 2023-04-12 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://bugs.proftpd.org/show_bug.cgi?id=2267 | X_refsource_confirm | |
| http://marc.info/?l=bugtraq&m=108335051011341&w=2 | Mailing List | |
| http://secunia.com/advisories/11527 | Third Party Advisory | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16038 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/10252 | 2017-07-11 |
| URL | Date | SRC |
|---|---|---|
| http://marc.info/?l=bugtraq&m=108335030208523&w=2 | 2017-07-11 | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:041 | 2017-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Proftpd Project Search vendor "Proftpd Project" | Proftpd Search vendor "Proftpd Project" for product "Proftpd" | 1.2.9 Search vendor "Proftpd Project" for product "Proftpd" and version "1.2.9" | - |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 0.5 Search vendor "Gentoo" for product "Linux" and version "0.5" | - |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 0.7 Search vendor "Gentoo" for product "Linux" and version "0.7" | - |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 1.1a Search vendor "Gentoo" for product "Linux" and version "1.1a" | - |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 1.2 Search vendor "Gentoo" for product "Linux" and version "1.2" | - |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 1.4 Search vendor "Gentoo" for product "Linux" and version "1.4" | - |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 1.4 Search vendor "Gentoo" for product "Linux" and version "1.4" | rc1 |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 1.4 Search vendor "Gentoo" for product "Linux" and version "1.4" | rc2 |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 1.4 Search vendor "Gentoo" for product "Linux" and version "1.4" | rc3 |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 2.0 Search vendor "Trustix" for product "Secure Linux" and version "2.0" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 2.1 Search vendor "Trustix" for product "Secure Linux" and version "2.1" | - |
Affected
| ||||||