PT-2004-2100 · Ipswitch · Ws Ftp Server

Reed Arvin · Published 2004-12-08 · Updated 2017-07-11 · CVE-2004-1135

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: WS FTP Server version 5.03 2004.10.14
Description: Multiple buffer overflows allow remote attackers to cause a denial of service (service crash) by sending long commands, specifically the (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands.
Recommendations: For WS FTP Server version 5.03 2004.10.14, consider restricting access to the SITE, XMKD, MKD, and RNFR commands until a patch is available. As a temporary workaround, limiting the length of input for these commands may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
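
The length-limiting workaround described above could be enforced in a filter placed in front of the server on the FTP control channel. The sketch below is an added example, not vendor code or part of the original advisory; the 256-byte limit, the function names and the sample lines are assumptions made for illustration, since the advisory states no threshold.

```python
# Added example. MAX_ARG_LEN is an assumed value; the advisory gives no threshold.
MAX_ARG_LEN = 256
GUARDED = {"SITE", "XMKD", "MKD", "RNFR"}  # the four commands named in the advisory


def parse_command(raw: bytes):
    """Split one control-channel line into (VERB, argument bytes)."""
    parts = raw.rstrip(b"\r\n").split(None, 1)
    if not parts:
        return "", b""
    # FTP verbs are case-insensitive, so normalise before matching.
    verb = parts[0].decode("ascii", "replace").upper()
    arg = parts[1] if len(parts) > 1 else b""
    return verb, arg


def check_command(raw: bytes, max_arg_len: int = MAX_ARG_LEN):
    """Return (allowed, reply). A rejected line must not be forwarded to the server."""
    verb, arg = parse_command(raw)
    if verb in GUARDED and len(arg) > max_arg_len:
        return False, f"501 {verb} argument too long ({len(arg)} > {max_arg_len} bytes)"
    return True, None


def audit(lines, max_arg_len: int = MAX_ARG_LEN):
    """Return (line_number, verb, argument_length) for every rejected line."""
    hits = []
    for number, raw in enumerate(lines, start=1):
        allowed, _ = check_command(raw, max_arg_len)
        if not allowed:
            verb, arg = parse_command(raw)
            hits.append((number, verb, len(arg)))
    return hits


# Constructed sample session, not captured traffic.
SAMPLE = [
    b"USER anonymous\r\n",
    b"MKD reports\r\n",
    b"mkd " + b"A" * 300 + b"\r\n",    # lower-case verb, oversized argument
    b"SITE " + b"B" * 1024 + b"\r\n",  # oversized argument
    b"RNFR old.txt\r\n",
    b"STOR " + b"C" * 300 + b"\r\n",   # long, but not one of the four commands
]

if __name__ == "__main__":
    for hit in audit(SAMPLE):
        print(hit)
```

The same `audit` function can be run over recorded control-channel lines to find clients that sent oversized arguments to these commands.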


Related Identifiers

CVE-2004-1135

Affected Products

Ws Ftp Server