PT-2004-2933 · Mollensoft · Mollensoft Lightweight Ftp Server

Chintan Trivedi · Published 2004-03-24 · Updated 2017-07-11 · CVE-2004-2037

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Mollensoft Lightweight FTP Server version 3.6

Description

The issue is a buffer overflow that can be triggered by remote authenticated users, potentially leading to a denial of service (crash) and possibly the execution of arbitrary code. This can be achieved by sending a long CWD command, for example, by using the "cd" command in an interactive FTP client.

Recommendations

For Mollensoft Lightweight FTP Server version 3.6, consider restricting access to the CWD command as a temporary workaround until a patch is available. Avoid using long commands in the FTP client to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2004-2037

Affected Products

Mollensoft Lightweight Ftp Server