CVE-2004-2367
Description
WFTPD and WFTPD Pro 3.21 R1 and R2 are vulnerable to denial of service when a long FTP command is sent to the Control Panel applet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
WFTPD and WFTPD Pro 3.21 R1 and R2 are vulnerable to denial of service when a long FTP command is sent to the Control Panel applet.
Vulnerability
The Control Panel applet in WFTPD and WFTPD Pro versions 3.21 R1 and R2 is susceptible to a denial of service vulnerability. This issue occurs when a user, already authenticated to the service, sends an FTP command with an excessively long parameter [1].
Exploitation
An attacker needs to be authenticated to the WFTPD server. Once authenticated, the attacker can send a crafted FTP command, such as a LIST command with a very long argument (e.g., 260 'A' characters), to trigger the vulnerability [1].
Impact
Successful exploitation of this vulnerability causes the WFTPD server's GUI to become unstable, potentially leading to a crash and preventing the GUI from opening. This results in a denial of service for users attempting to access the Control Panel applet [1].
Mitigation
No specific patched version or release date has been disclosed in the available references. Users are advised to consult vendor advisories for potential workarounds or fixes. The affected versions are WFTPD and WFTPD Pro 3.21 R1 and R2 [1].
AI Insight generated on Jun 5, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2= 3.21 R1 / R2+ 1 more
- (no CPE)range: = 3.21 R1 / R2
- (no CPE)range: = 3.21 R1 / R2
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
5- secunia.com/advisories/11160/nvdPatchVendor Advisory
- www.securiteam.com/windowsntfocus/5JP0B20CAY.htmlnvdExploitVendor Advisory
- www.securityfocus.com/bid/9908nvdExploitPatch
- www.wftpd.com/bug_gpf.htmnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/15510nvd
News mentions
0No linked articles in our index yet.