Lucene search
K

1565 matches found

Cvelist
Cvelist
added 1999/09/29 4:0 a.m.33 views

CVE-1999-0368

Buffer overflows in wuarchive ftpd wu-ftpd and ProFTPD lead to remote root access, a.k.a. palmetto...

6.7AI score0.39233EPSS
Exploits1References1
CVE
CVE
added 1999/09/29 4:0 a.m.137 views

CVE-1999-0368

The CVE-1999-0368 issue involves buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD that can lead to remote root access (palmetto). Red Hat’s entry reiterates the same vulnerability. Nessus plugin 10318 (WU-FTPD Multiple Vulnerabilities) and 10318’s description cite the overflow as enabling...

10CVSS6.7AI score0.39233EPSS
Exploits1References1Affected Software2
Packet Storm
Packet Storm
added 1999/09/28 12:0 a.m.41 views

SDI.exploit4.proftpd.txt

From: Bugtraq List [email protected] on behalf of Thiago/c0nd0r [email protected] Sent: Wednesday, September 15, 1999 12:31 PM To: [email protected] Subject: SDI anonymous remote exploit for proftpd Hello, I've seen some discussion about the possibility of exploit the newest proft...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/09/28 12:0 a.m.24 views

proftpd.1.2.0pre6.txt

Tymm Twillman [email protected] Sent: Friday, September 17, 1999 2:15 PM Subject: proftpd 1.2.0pre6 patch Before I release the exploit, I'd like to give people a chance to fix the problem. Here's the patch. Note that there are other potential problems; I've been in contact with MacGyver and a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/09/22 12:0 a.m.21 views

proftpd_exploit.txt

Subject: ProFTPD To: [email protected] / !!!! Private .. ... distribute !!!! proftpd-1.2.0 remote root exploit beta2 Still need some code, but it works fine Offset: Linux Redhat 6.0 0 - proftpd-1.2.0pre1 0 - proftpd-1.2.0pre2 0 - proftpd-1.2.0pre3 If this dont work, try changing the align...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/09/22 12:0 a.m.39 views

proftpd_exploiting_toolkit.txt

Subject: proftpd To: [email protected] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 / babcia padlina ltd. poland, 17/08/99 your ultimate proftpd pre0-3 exploiting toolkit based on: - adm-wuftpd by duke - kombajn do czere¶ni by Lam3rZ thx for shellcode! thx and greetz. / include include...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/09/21 12:0 a.m.27 views

ProFTPD NLST Command Argument Handling Remote Overflow

It was possible to crash the remote FTP server by issuing a specially crafted command, such as 'NLST aaaXXXX%u%...%u%u%u%%u%653300u%n' where 'XXXX' is replaced with four characters - ASCII values 0xDC, 0x4F, 0x07 and 0x08. This issue is known to affect ProFTPD version 1.2.0pre6, although other FT...

10CVSS5.8AI score0.38054EPSS
Exploits0References4
Packet Storm
Packet Storm
added 1999/09/19 12:0 a.m.44 views

proftpd_exploit.txt

Subject: SDI anonymous remote exploit for proftpd To: [email protected] Hello, I've seen some discussion about the possibility of exploit the newest proftpd vulnerability without having the permission to write STOR. Here is the proof. Unlikely the last published exploit, this one does not...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/09/19 12:0 a.m.28 views

FreeBSD_FTP_port_holes.txt

Subject: [email protected]: FreeBSD Security Advisory: FreeBSD-SA-99:03.ftpd REISSUED To: [email protected] [email protected] 2.ems Content-Type: text/plain; charset=us-ascii PGP Signature Status: unknown Signer: Unknown, Key ID xBE7497F1 Signed: 9/15/99 11:30:30 PM...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1999/09/17 12:0 a.m.21 views

ProFTPd 1.2 pre6 - snprintf Remote Root

ProFTPd 1.2 pre6 - snprintf Remote Root source: https://www.securityfocus.com/bid/650/info Lack of user input validation in ProFTPD can lead to a remote root vulnerability. On systems that support it ProFTPD will attempt to modify the name of the program being executed argv0 to display the comman...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/09/17 12:0 a.m.38 views

ProFTPd 1.2 pre6 - 'snprintf' Remote Root

source: https://www.securityfocus.com/bid/650/info Lack of user input validation in ProFTPD can lead to a remote root vulnerability. On systems that support it ProFTPD will attempt to modify the name of the program being executed argv0 to display the command being executed by the logged on user. ...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/09/10 12:0 a.m.84 views

ProFTPD mkdir Buffer Overflow

It is possible to crash the remote FTP service by creating a large number of nested directories with names no longer than 255 chars. This issue is known to affect ProFTPD, although other FTP servers may be affected as well. It is likely that a remote attacker can leverage this issue to execute...

10CVSS5.8AI score0.38054EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 1999/08/31 12:0 a.m.25 views

ProFTPD 1.2.0pre4 mkdir Command Directory Name Handling Remote Overflow

It was possible to crash the remote FTP server by creating a large number of nested directories and then trying to upload a file. This issue is known to affect ProFTPD, although other FTP servers may be affected as well. It is likely that a remote attacker can leverage this issue to execute...

10CVSS5.8AI score0.38054EPSS
Exploits0References2
NVD
NVD
added 1999/08/27 4:0 a.m.15 views

CVE-1999-0911

Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories...

10CVSS7.3AI score0.38054EPSS
Exploits0References2
exploitpack
exploitpack
added 1999/08/27 12:0 a.m.14 views

ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow (2)

ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/612/info The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf in the logxfer routine in src/log.c. The vulnerability in 1.2pre4 ...

1.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/08/27 12:0 a.m.27 views

ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/612/info The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf in the logxfer routine in src/log.c. The vulnerability in 1.2pre4 is a mkdir overflow. The name of the created path can not...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1999/08/17 12:0 a.m.22 views

ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow (1)

ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/612/info The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf in the logxfer routine in src/log.c. The vulnerability in 1.2pre4 ...

1.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/08/17 12:0 a.m.50 views

ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/612/info The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf in the logxfer routine in src/log.c. The vulnerability in 1.2pre4 is a mkdir overflow. The name of the created path can not...

7.4AI score
Exploits0
Debian
Debian
added 1999/02/11 11:4 p.m.1 views

[SECURITY] New versions of proftpd fixes buffer overflow

We have received reports that the proftpd package as distributed in Debian GNU/Linux 2.0 is vulnerable to a buffer overflow. Using this vulnerability, known as palmetto, it is possible to gain shell access or otherwise circumvent normal login access and logging mechanisms. This has been fixed in...

6.2AI score
Exploits0
Debian
Debian
added 1999/02/11 12:0 a.m.10 views

[SECURITY] New versions of proftpd fixes buffer overflow

We have received reports that the proftpd package as distributed in Debian GNU/Linux 2.0 is vulnerable to a buffer overflow. Using this vulnerability, known as palmetto, it is possible to gain shell access or otherwise circumvent normal login access and logging mechanisms. This has been fixed in...

4AI score
Exploits0
Rows per page
Query Builder