226 matches found
GNU Inetutils Elevation of Privilege Vulnerability
GNU Inetutils is a collection of network tools from the GNU Project that contains common network management programs such as traceroute, hostname, ifconfig, and others. The toolset is mainly used for functions such as network diagnostics, configuration and system information query. An elevation o...
CVE-2023-40303
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
UBUNTU-CVE-2023-40303
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
PT-2023-24251 · Wftpd · Wftpd
Name of the Vulnerable Software and Affected Versions: WFTPD version 3.25 Description: The software stores usernames and password hashes in an openly viewable wftpd.ini configuration file within the WFTPD directory. This issue is noted in a product from 2006. Recommendations: For WFTPD version...
SUSE CVE-2000-0573
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command...
SUSE CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...
SUSE CVE-2011-1526
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications aka krb5-appl 1.0.1 and earlier does not check the krb5setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP...
MikroTik routers denial of service vulnerability
MikroTik routers is a router product from the Latvian company MikroTik. A security vulnerability exists in the FTP daemon in MikroTik routers 6.44.3 and earlier versions. A remote attacker can exploit the vulnerability to exhaust all available memory...
CVE-2019-13074
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management...
CVE-2019-13074
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management...
MikroTik 6.41.4 Denial Of Service
Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018 Category: Network Appliance Description: A vulnerabilit...
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
MikroTik 6.41.4 - FTP daemon Denial of Service PoC Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018...
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
Exploit for linux platform in category dos / poc Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018...
MikroTik 6.41.4 - FTP daemon Denial of Service (PoC)
Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018 Category: Network Appliance Description: A vulnerabilit...
CVE-2018-0541
Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service DoS condition or execute arbitrary code via unspecified vectors...
CVE-2018-0541
Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service DoS condition or execute arbitrary code via unspecified vectors...
Buffer overflow
Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service DoS condition or execute arbitrary code via unspecified vectors...
CVE-2018-0541
Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service DoS condition or execute arbitrary code via unspecified vectors...
CVE-2018-0541
The CVE-2018-0541 entry concerns TinyFTP Daemon Ver0.52d, which contains a buffer overflow (CWE-121). The vulnerability may allow a remote attacker to cause a denial-of-service or execute arbitrary code. Documented impact across sources confirms DoS and code execution possibilities via unspecifie...
Fedora pure-ftpd misconfiguration vulnerability
Fedora is a Linux-based operating system developed by the Fedora Project community and sponsored by Red Hat. pure-ftpd is one of the FTP service programs. A misconfiguration vulnerability exists in Downstream version 1.0.46-1 of pure-ftpd in Fedora. A remote attacker could exploit this...