CVE-2004-0695

Description

Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.

Affected products

• 4D / webstar4.0 – 4.0
• 4D / webstar5.2 – 5.2
• 4D / webstar5.2.1 – 5.2.1
• 4D / webstar5.2.2 – 5.2.2
• 4D / webstar5.2.3 – 5.2.3
• 4D / webstar5.2.4 – 5.2.4
• 4D / webstar5.3 – 5.3
• 4D / webstar5.3.1 – 5.3.1
• 4D / webstar5.3.2 – 5.3.2

References

• VENDOR_ADVISORYhttp://www.atstake.com/research/advisories/2004/a071304-1.txt
• MISCftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History.txt
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/16686