Buffer overflow in Wftpserver Wing_ftp_server

CVE-2012-4729

Wing FTP Server before 4.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via two zip commands.

Vulnerability class: Buffer Overflow

EPSS: 0.007 (72.7th percentile) — read the EPSS interpretation.

Affected products

Wftpserver Wing_ftp_server — versions 1.1, 1.2, 1.3
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

20121009 WingFTP Server Denial of Service Vulnerability (mailing-list, x_refsource_BUGTRAQ)
55847 (vdb-entry, x_refsource_BID)
86132 (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_CONFIRM)