What is CVE-2004-2074?

CVE-2004-2074 is a vulnerability in N/a. Published 2005-05-19.

Is CVE-2004-2074 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-2074

Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.

EPSS: 0.556 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cve-scores

References

dreamftp-command-format-string(15380) (vdb-entry, x_refsource_XF)
1009295 (vdb-entry, x_refsource_SECTRACK)
9800 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2004-2074?: CVE-2004-2074 is a vulnerability in N/a. Published 2005-05-19.
Is CVE-2004-2074 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.