CVE-2004-0656
published 2004-08-06CVE-2004-0656: The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
2.35%
81.6th percentile
The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pure-ftpd | < pure-ftpd 1.0.19-1 (bookworm) | pure-ftpd 1.0.19-1 (bookworm) |
| pureftpd | pure-ftpd | >= 0 < 1.0.19-1 | 1.0.19-1 |
| pureftpd | pure-ftpd | >= 0 < 1.0.19-1 | 1.0.19-1 |
| pureftpd | pure-ftpd | >= 0 < 1.0.19-1 | 1.0.19-1 |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
| pureftpd | pureftpd | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-g7m6-w6x3-gg99: The accept_client function in PureFTPd 1
ghsa_unreviewed·2022-04-29
CVE-2004-0656 [MEDIUM] GHSA-g7m6-w6x3-gg99: The accept_client function in PureFTPd 1
The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
OSV
CVE-2004-0656: The accept_client function in PureFTPd 1
osv·2004-08-06·CVSS 5.0
CVE-2004-0656 [MEDIUM] CVE-2004-0656: The accept_client function in PureFTPd 1
The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
Debian
CVE-2004-0656: pure-ftpd - The accept_client function in PureFTPd 1.0.18 and earlier allows remote attacker...
vendor_debian·2004·CVSS 5.0
CVE-2004-0656 [MEDIUM] CVE-2004-0656: pure-ftpd - The accept_client function in PureFTPd 1.0.18 and earlier allows remote attacker...
The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
Scope: local
bookworm: resolved (fixed in 1.0.19-1)
bullseye: resolved (fixed in 1.0.19-1)
sid: resolved (fixed in 1.0.19-1)
trixie: resolved (fixed in 1.0.19-1)
No detection rules found.
Nuclei
Pure-FTPd ≤ 1.0.18 - DoS via Connection Limit Exhaustion
nuclei·CVSS 5.0
CVE-2004-0656 [MEDIUM] Pure-FTPd ≤ 1.0.18 - DoS via Connection Limit Exhaustion
Pure-FTPd ≤ 1.0.18 - DoS via Connection Limit Exhaustion
Pure-FTPd versions ≤ 1.0.18 are vulnerable to denial of service through connection limit exhaustion. The vulnerability occurs in the accept_client function when the maximum number of connections is exceeded, potentially causing the server to become unresponsive or crash.
Template:
id: CVE-2004-0656
info:
name: Pure-FTPd ≤ 1.0.18 - DoS via Connection Limit Exhaustion
author: pussycat0x
severity: medium
description: |
Pure-FTPd versions ≤ 1.0.18 are vulnerable to denial of service through connection limit exhaustion. The vulnerability occurs in the accept_client function when the maximum number of connections is exceeded, potentially causing the server to become unresponsive or crash.
impact: |
Attackers can exhaust server connecti
No writeups or analysis indexed.
2004-08-06
Published