CVE-2011-10029
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-20
Last updated on: 2025-08-22
Assigner: VulnCheck
Description
Description
Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the __output_1() function of sfsservice.exe. This results in a denial of service (DoS) condition.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| flexbyte | solar_ftp_server | 2.1.2 |
| flexbyte | solar_ftp_server | 2.1.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-134 | The product uses a function that accepts a format string as an argument, but the format string originates from an external source. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in Solar FTP Server where it improperly handles format strings passed to the USER command. If an attacker sends a specially crafted string containing format specifiers, the server crashes due to a read access violation in the __output_1() function of sfsservice.exe, causing a denial of service (DoS).
How can this vulnerability impact me? :
The vulnerability can cause the Solar FTP Server to crash, resulting in a denial of service (DoS) condition. This means legitimate users may be unable to access the FTP service while it is down.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70