CVE-2004-0255

Name of the Vulnerable Software and Affected Versions Xlight version 1.52

Description The issue allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters. This causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.

Recommendations For Xlight version 1.52, consider disabling the log to screen feature as a temporary workaround to minimize the risk of exploitation. Restrict access to the log file to prevent administrators from viewing it until a fix is available.