Lucene search
+L

226 matches found

CNVD
CNVD
added 2023/08/16 12:0 a.m.6 views

GNU Inetutils Elevation of Privilege Vulnerability

GNU Inetutils is a collection of network tools from the GNU Project that contains common network management programs such as traceroute, hostname, ifconfig, and others. The toolset is mainly used for functions such as network diagnostics, configuration and system information query. An elevation o...

7.8CVSS7.2AI score0.0039EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/08/14 5:15 a.m.6 views

CVE-2023-40303

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...

7.8CVSS7.1AI score0.0039EPSS
Exploits1References6
OSV
OSV
added 2023/08/14 5:15 a.m.5 views

UBUNTU-CVE-2023-40303

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...

7.8CVSS7.1AI score0.0039EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/05/25 12:0 a.m.5 views

PT-2023-24251 · Wftpd · Wftpd

Name of the Vulnerable Software and Affected Versions: WFTPD version 3.25 Description: The software stores usernames and password hashes in an openly viewable wftpd.ini configuration file within the WFTPD directory. This issue is noted in a product from 2006. Recommendations: For WFTPD version...

7.5CVSS7.1AI score0.00861EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:22 a.m.5 views

SUSE CVE-2000-0573

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command...

10CVSS7.8AI score0.96292EPSS
Exploits4References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.2 views

SUSE CVE-2007-5894

The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...

9.3CVSS6.8AI score0.02685EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.3 views

SUSE CVE-2011-1526

ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications aka krb5-appl 1.0.1 and earlier does not check the krb5setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP...

6.5CVSS6.7AI score0.03938EPSS
Exploits0References6
CNVD
CNVD
added 2019/07/10 12:0 a.m.3 views

MikroTik routers denial of service vulnerability

MikroTik routers is a router product from the Latvian company MikroTik. A security vulnerability exists in the FTP daemon in MikroTik routers 6.44.3 and earlier versions. A remote attacker can exploit the vulnerability to exhaust all available memory...

7.8CVSS6.9AI score0.02046EPSS
Exploits0References1
NVD
NVD
added 2019/07/03 9:15 p.m.29 views

CVE-2019-13074

A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management...

7.8CVSS7.5AI score0.02046EPSS
Exploits0References2
OSV
OSV
added 2019/07/03 9:15 p.m.5 views

CVE-2019-13074

A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management...

7.5CVSS5.8AI score0.02046EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2018/04/13 12:0 a.m.192 views

MikroTik 6.41.4 Denial Of Service

Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018 Category: Network Appliance Description: A vulnerabilit...

7.6AI score0.12987EPSS
Exploits5
exploitpack
exploitpack
added 2018/04/13 12:0 a.m.58 views

MikroTik 6.41.4 - FTP daemon Denial of Service PoC

MikroTik 6.41.4 - FTP daemon Denial of Service PoC Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018...

7.8CVSS7.6AI score0.12987EPSS
Exploits5
0day.today
0day.today
added 2018/04/13 12:0 a.m.71 views

MikroTik 6.41.4 - FTP daemon Denial of Service PoC

Exploit for linux platform in category dos / poc Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018...

7.6AI score0.12987EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/13 12:0 a.m.66 views

MikroTik 6.41.4 - FTP daemon Denial of Service (PoC)

Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018 Category: Network Appliance Description: A vulnerabilit...

7.8CVSS7.6AI score0.12987EPSS
Exploits5
OSV
OSV
added 2018/03/22 1:29 p.m.3 views

CVE-2018-0541

Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service DoS condition or execute arbitrary code via unspecified vectors...

9.8CVSS6.1AI score0.0323EPSS
Exploits0References1
NVD
NVD
added 2018/03/22 1:29 p.m.9 views

CVE-2018-0541

Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service DoS condition or execute arbitrary code via unspecified vectors...

10CVSS9.7AI score0.0323EPSS
Exploits0References1
Prion
Prion
added 2018/03/22 1:29 p.m.7 views

Buffer overflow

Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service DoS condition or execute arbitrary code via unspecified vectors...

10CVSS9.7AI score0.0323EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/22 1:0 p.m.11 views

CVE-2018-0541

Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service DoS condition or execute arbitrary code via unspecified vectors...

9.8AI score0.0323EPSS
Exploits0References1
CVE
CVE
added 2018/03/22 1:0 p.m.45 views

CVE-2018-0541

The CVE-2018-0541 entry concerns TinyFTP Daemon Ver0.52d, which contains a buffer overflow (CWE-121). The vulnerability may allow a remote attacker to cause a denial-of-service or execute arbitrary code. Documented impact across sources confirms DoS and code execution possibilities via unspecifie...

10CVSS9.7AI score0.0323EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/09/22 12:0 a.m.4 views

Fedora pure-ftpd misconfiguration vulnerability

Fedora is a Linux-based operating system developed by the Fedora Project community and sponsored by Red Hat. pure-ftpd is one of the FTP service programs. A misconfiguration vulnerability exists in Downstream version 1.0.46-1 of pure-ftpd in Fedora. A remote attacker could exploit this...

9.8CVSS9.1AI score0.01517EPSS
Exploits0References1
Rows per page
Query Builder