3Com 3CServer/3CDaemon FTP Server Multiple Vulnerabilities (OF, FS, PD, DoS)

critical Nessus Plugin ID 16321


The remote FTP server is affected by multiple issues.


The remote host is running the 3Com 3CServer or 3CDaemon FTP server.

According to its banner, the version of the 3CServer / 3CDaemon FTP server on the remote host is reportedly affected by multiple buffer overflow and format string vulnerabilities as well as an information leak issue. An attacker may be able to exploit these flaws to execute arbitrary code on the remote host with the privileges of the FTP server, generally Administrator.


Unknown at this time.

See Also



Plugin Details

Severity: Critical

ID: 16321

File Name: 3com_3cserver_ftp_overflow.nasl

Version: 1.23

Type: remote

Family: FTP

Published: 2/8/2005

Updated: 12/22/2020

Supported Sensors: Nessus

Risk Information


Risk Factor: Medium

Score: 6.6


Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:3com:3cdaemon, cpe:/a:3com:3cserver

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/4/2005

Exploitable With

Metasploit (3Com 3CDaemon 2.0 FTP Username Overflow)

Reference Information

CVE: CVE-2005-0276, CVE-2005-0277, CVE-2005-0278, CVE-2005-0419

BID: 12155, 12463