PT-2005-2782 · Hummingbird Connectivity · Ftpdw.Exe+2
Published
2005-06-01
·
Updated
2008-09-05
·
CVE-2005-1815
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Hummingbird Connectivity inetD versions 9.0.0.4 through 10.0.0.1
Description
The issue allows attackers to cause a denial of service and possibly execute arbitrary code via buffer overflows. This can be achieved by sending an FTP command with a long argument to the
ftpdw.exe or by sending a large amount of data to Lpdw.exe.Recommendations
For versions 9.0.0.4 through 10.0.0.1, consider disabling the
ftpdw.exe and Lpdw.exe services until a patch is available to prevent potential exploitation.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hummingbird Connectivity Inetd
Lpdw.Exe
Ftpdw.Exe