Ftp Security Vulnerabilities
Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending in wildcard ....
6.5AI Score
0.004EPSS
ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target...
7.5CVSS
7.1AI Score
0.003EPSS
Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD)...
7.1AI Score
0.013EPSS
Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD...
7.1AI Score
0.004EPSS
Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220"...
8.2AI Score
0.011EPSS
Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3)...
7.9AI Score
0.067EPSS
TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2)...
6.7AI Score
0.012EPSS
ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain...
7.3AI Score
0.005EPSS
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker to perform a denial of service (hang) by creating a directory name of a specific...
7AI Score
0.012EPSS
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow attackers to gain privileges on the...
6.8AI Score
0.008EPSS
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage...
7.1AI Score
0.003EPSS
BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other...
6.7AI Score
0.0004EPSS
Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of...
6.9AI Score
0.001EPSS
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target...
7.5CVSS
7.1AI Score
0.003EPSS
Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11)...
7.7AI Score
0.768EPSS
Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denial of service (crash) via a large number of "PASV"...
7AI Score
0.003EPSS
Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER...
7.2AI Score
0.002EPSS
Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format...
7AI Score
0.005EPSS
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .")...
7AI Score
0.011EPSS
Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV...
7.9AI Score
0.02EPSS
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to...
7AI Score
0.0004EPSS
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD...
7.5AI Score
0.945EPSS
Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2)...
7AI Score
0.034EPSS
Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD...
7.6AI Score
0.12EPSS
Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration...
6.9AI Score
0.015EPSS
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain...
6.9AI Score
0.003EPSS
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD...
7.8AI Score
0.03EPSS
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being...
6.9AI Score
0.0004EPSS
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log...
6.7AI Score
0.001EPSS
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to...
7AI Score
0.0004EPSS
Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files via a '..' (dot dot) attack, or variations, in (1) GET, (2) CD, (3) NLST, (4) SIZE, (5)...
6.4AI Score
0.0004EPSS
Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file...
6.6AI Score
0.002EPSS
Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD...
7.1AI Score
0.015EPSS
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not...
6.7AI Score
0.009EPSS
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the...
6.3AI Score
0.004EPSS
FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long...
7.9AI Score
0.005EPSS
FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested...
7.3AI Score
0.022EPSS
FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd"...
7AI Score
0.01EPSS
GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO...
7AI Score
0.011EPSS
Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5)...
6.8AI Score
0.006EPSS
Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in a GET command, or (2) a ... in a CWD...
7.1AI Score
0.01EPSS
GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to...
6.7AI Score
0.007EPSS
CoffeeCup Direct and Free FTP clients uses weak encryption to store passwords in the FTPServers.ini file, which could allow attackers to easily decrypt the...
6.9AI Score
0.0004EPSS
FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null...
6.7AI Score
0.009EPSS
Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long...
8.2AI Score
0.014EPSS
Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long...
8.2AI Score
0.002EPSS
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long...
7AI Score
0.009EPSS
ftp.pl CGI program for Virtual Visions FTP browser allows remote attackers to read directories outside of the document root via a .. (dot dot)...
6.6AI Score
0.003EPSS
Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE...
6.8AI Score
0.012EPSS
FTP Explorer uses weak encryption for storing the username, password, and profile of FTP...
7.1AI Score
0.0004EPSS