CVE-2005-0276

Name of the Vulnerable Software and Affected Versions 3Com 3CDaemon version 2.0 revision 10

Description The issue concerns multiple format string vulnerabilities in the FTP service. These vulnerabilities can be exploited by remote attackers to cause a denial of service, specifically an application crash, by using format string specifiers in various commands, including the username, cd, delete, rename, rmdir, literal, stat, and CWD commands.

Recommendations For 3Com 3CDaemon version 2.0 revision 10, consider restricting access to the FTP service until a fix is available, and avoid using format string specifiers in the aforementioned commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.