VYPR
Unrated severityNVD Advisory· Published Mar 15, 2004· Updated Jun 16, 2026

CVE-2004-0159

CVE-2004-0159

Description

Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:samhain_labs:hsftp:1.10:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:samhain_labs:hsftp:1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:samhain_labs:hsftp:1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:samhain_labs:hsftp:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:samhain_labs:hsftp:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:samhain_labs:hsftp:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:samhain_labs:hsftp:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:samhain_labs:hsftp:1.9:*:*:*:*:*:*:*
  • Debian/hsftpllm-create
    Range: =1.11

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.