Lucene search
K

91 matches found

CVE
CVE
added 2020/01/10 4:43 p.m.90 views

CVE-2020-6162

CVE-2020-6162 affects Bftpd 5.3. An out-of-bounds read triggered by an uninitialized value causes the daemon to crash at startup, specifically in the hidegroups_init function in dirlist.c. The available connected documents confirm the vulnerability class (out-of-bounds read) and location, but do ...

9.1CVSS9.1AI score0.01737EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/01/10 4:43 p.m.17 views

CVE-2020-6162

An issue was discovered in Bftpd 5.3. Under certain circumstances, an out-of-bounds read is triggered due to an uninitialized value. The daemon crashes at startup in the hidegroupsinit function in dirlist.c...

9.2AI score0.01737EPSS
Exploits0References2
CNVD
CNVD
added 2020/01/07 12:0 a.m.1 views

Bftpd Buffer Error Vulnerability

bftpd is a small , easy to configure FTP server for UNIX-like systems . A buffer error vulnerability exists in Bftpd version 5.3. The vulnerability stems from a network system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and...

9.1CVSS7.3AI score0.01737EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/11/21 12:0 a.m.64 views

Bftpd < 4.7 Memory Leak Vulnerability

Bftpd is prone to a memory leak vulnerability in the file rename function. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

7.5CVSS7.5AI score0.01165EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/11/21 12:0 a.m.55 views

Bftpd FTP Server Detection (FTP)

FTP based detection of Bftpd FTP Server. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute...

0.2AI score
Exploits0References1
CNVD
CNVD
added 2017/11/20 12:0 a.m.5 views

bftpd Denial of Service Vulnerability

Bftpd is a small FTP server. A security vulnerability exists in the file rename function in Bftpd versions prior to 4.7. An attacker can exploit this vulnerability to cause a denial of service memory leak...

7.5CVSS6.7AI score0.01165EPSS
Exploits0References1
NVD
NVD
added 2017/11/19 5:29 p.m.18 views

CVE-2017-16892

In Bftpd before 4.7, there is a memory leak in the file rename function...

7.5CVSS7.5AI score0.01165EPSS
Exploits0References2
OSV
OSV
added 2017/11/19 5:29 p.m.6 views

CVE-2017-16892

In Bftpd before 4.7, there is a memory leak in the file rename function...

7.5CVSS5.8AI score0.01165EPSS
Exploits0References2
Prion
Prion
added 2017/11/19 5:29 p.m.17 views

Memory corruption

In Bftpd before 4.7, there is a memory leak in the file rename function...

5CVSS7.5AI score0.01165EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/11/19 5:0 p.m.21 views

CVE-2017-16892

In Bftpd before 4.7, there is a memory leak in the file rename function...

7.5AI score0.01165EPSS
Exploits0References2
CVE
CVE
added 2017/11/19 5:0 p.m.52 views

CVE-2017-16892

The CVE-2017-16892 entry applies to Bftpd before 4.7, where the file-rename function contains a memory-leak bug. Multiple sources corroborate a memory-leak risk that can lead to denial of service; CVSS data shows a high impact for the 3.0 vector (HIGH availability impact) and medium base score (5...

7.5CVSS7.4AI score0.01165EPSS
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2010/06/07 12:0 a.m.74 views

BFTPD 2.x匿名账号绕过ROOTDIR安全限制漏洞

BUGTRAQ ID: 40540 Bftpd是一款小型的FTP服务器。 bftpd处理匿名登录时可能会忽略配置文件中所指定的ROOTDIR选项,允许用户绕过限制获得对系统上任意文件或目录的读写访问。 BFTPD 2.x 厂商补丁: BFTPD ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://bftpd.sourceforge.net/news.html...

6.9AI score
Exploits0
NVD
NVD
added 2010/01/07 6:30 p.m.22 views

CVE-2009-4593

The bftpdutmplog function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.buhost structure member, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors. NOTE: some of these details are...

5CVSS6.6AI score0.0144EPSS
Exploits0References5
Prion
Prion
added 2010/01/07 6:30 p.m.13 views

Information disclosure

The bftpdutmplog function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.buhost structure member, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors. NOTE: some of these details are...

5CVSS7.1AI score0.0144EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2010/01/07 6:13 p.m.29 views

CVE-2009-4593

The bftpdutmplog function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.buhost structure member, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors. NOTE: some of these details are...

6.6AI score0.0144EPSS
Exploits0References5
CVE
CVE
added 2010/01/07 6:13 p.m.100 views

CVE-2009-4593

CVE-2009-4593 affects Bftpd up to version 2.4. The bftpdutmp_log function in bftpdutmp.c does not append a null terminator to the ut.bu_host string, which could allow remote attackers to trigger a denial of service (daemon crash) through unspecified vectors. Consequences are remote DoS; exploitat...

5CVSS6.8AI score0.0144EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2009/10/28 12:0 a.m.14 views

Bftpd Unspecified Remote Denial of Service Vulnerability

Bftpd is prone to an unspecified remote denial-of-service vulnerability. Successful exploits will cause the affected application to crash, denying service to legitimate users. Versions prior to Bftpd 2.4 are vulnerable. OpenVAS Vulnerability Test $Id: bftpd36820.nasl 7573 2017-10-26 09:18:50Z...

5CVSS0.3AI score0.0144EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/10/28 12:0 a.m.25 views

Bftpd < 2.4 DoS Vulnerability

Bftpd is prone to an unspecified remote denial of service DoS vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

5CVSS6.8AI score0.0144EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/04/19 12:0 a.m.60 views

bftpd FTP server buffer overflow

No description provided...

5CVSS2.6AI score0.013EPSS
Exploits0Affected Software1
Prion
Prion
added 2007/04/16 10:19 p.m.19 views

Buffer overflow

Buffer overflow in the parsecmd function in bftpd before 1.8 has unknown impact and attack vectors related to the confstr variable...

5CVSS7.4AI score0.013EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder