Lucene search
K

1565 matches found

exploitpack
exploitpack
added 2004/10/17 12:0 a.m.21 views

ProFTPd 1.2.10 - Remote Users Enumeration

ProFTPd 1.2.10 - Remote Users Enumeration / Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2004/10/17 12:0 a.m.24 views

ProFTPD <= 1.2.10 Remote Users Enumeration Exploit

No description provided by source. / Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at...

7.1AI score
Exploits0
0day.today
0day.today
added 2004/10/17 12:0 a.m.52 views

ProFTPD <= 1.2.10 Remote Users Enumeration Exploit

Exploit for linux platform in category remote exploits ================================================== ProFTPD include include include include define PORT 21 define PROBE 8 main int argc, char argv int sock,n,y; long dist,stat=0; struct sockaddrin sin; char buf1024, buf21024; struct timeval t...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/17 12:0 a.m.77 views

ProFTPD Login Timing Account Name Enumeration

The remote ProFTPd server is as old or older than 1.2.10 It is possible to determine which user names are valid on the remote host based on timing analysis attack of the login procedure. An attacker may use this flaw to set up a list of valid usernames for a more efficient brute-force attack...

5CVSS5.6AI score0.30679EPSS
Exploits1
Exploit DB
Exploit DB
added 2004/10/17 12:0 a.m.257 views

ProFTPd 1.2.10 - Remote Users Enumeration

/ Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at the ProFTPd login procedure. There ...

7.4AI score
Exploits0
NVD
NVD
added 2004/10/15 4:0 a.m.10 views

CVE-2004-1602

ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response...

5CVSS6.7AI score0.30679EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2004/10/15 12:0 a.m.6 views

PT-2004-2510 · Proftpd · Proftpd

Name of the Vulnerable Software and Affected Versions: ProFTPD versions 1.2.x through 1.2.10 ProFTPD versions prior to 1.2.11 Description: The issue allows remote attackers to identify valid usernames by timing the server response, as the server responds in a different amount of time when a given...

5CVSS6.5AI score0.30679EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.22 views

Debian DSA-032-1 : proftpd - proftpd running with incorrect userid, erroneous file removal

The following problems have been reported for the version of proftpd in Debian 2.2 potato : - There is a configuration error in the postinst script, when the user enters 'yes', when asked if anonymous access should be enabled. The postinst script wrongly leaves the 'run as uid/gid root'...

7.5CVSS5.4AI score0.05882EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.23 views

Debian DSA-029-2 : proftpd - remote DOS & potential buffer overflow

The following problems have been reported for the version of proftpd in Debian 2.2 potato : - There is a memory leak in the SIZE command which can result in a denial of service, as reported by Wojciech Purczynski. This is only a problem if proftpd cannot write to its scoreboard file; the default...

7.5CVSS5.6AI score0.44936EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.28 views

Debian DSA-338-1 : proftpd - SQL injection

runlevel [email protected] reported that ProFTPD's PostgreSQL authentication module is vulnerable to a SQL injection attack. This vulnerability could be exploited by a remote, unauthenticated attacker to execute arbitrary SQL statements, potentially exposing the passwords of other users, or t...

10CVSS6.1AI score0.18266EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.30 views

GLSA-200405-09 : ProFTPD Access Control List bypass vulnerability

The remote host is affected by the vulnerability described in GLSA-200405-09 ProFTPD Access Control List bypass vulnerability ProFTPD 1.2.9 introduced a vulnerability that allows CIDR-based ACLs such as 10.0.0.1/24 to be bypassed. The CIDR ACLs are disregarded, with the net effect being similar t...

7.5CVSS5.6AI score0.09197EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.12 views

ProFTPD cwd Command Format String

Binary data 1818.prm...

7.5CVSS7.3AI score0.11438EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.17 views

Debian proftpd root Privilege Escalation

Binary data 1817.prm...

7.5CVSS7.3AI score0.05882EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.15 views

ProFTPd < 1.2.0pre6 mkdir Command Overflow

Binary data 1843.prm...

10CVSS7.3AI score0.38054EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.15 views

ProFTPd ASCII Newline Character Overflow

Binary data 1844.prm...

9CVSS7.3AI score0.55119EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.11 views

Debian ProFTPD Server Detection

Binary data 1851.prm...

7.3AI score
Exploits0
NVD
NVD
added 2004/08/18 4:0 a.m.22 views

CVE-2004-0432

ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions...

7.5CVSS6.5AI score0.09197EPSS
Exploits0References7
exploitpack
exploitpack
added 2004/08/13 12:0 a.m.17 views

ProFTPd - ftpdctl pr_ctrls_connect Local Overflow

ProFTPd - ftpdctl prctrlsconnect Local Overflow / This is simple local exploit Proof of Concept? for local bug in ProFTPd not in default options must be configured with option --enable-ctrls. Bug exist in func tion prctrlsconnect in file "src/ctrls.c", look: "src/ctrls.c" int prctrlsconnectconst...

0.4AI score
Exploits0
0day.today
0day.today
added 2004/08/13 12:0 a.m.24 views

ProFTPd Local pr_ctrls_connect Vuln - ftpdctl

Exploit for linux platform in category local exploits ============================================= ProFTPd Local prctrlsconnect Vuln - ftpdctl ============================================= / This is simple local exploit Proof of Concept? for local bug in ProFTPd not in default options must be...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2004/08/13 12:0 a.m.122 views

ProFTPd - &#039;ftpdctl&#039; &#039;pr_ctrls_connect&#039; Local Overflow

/ This is simple local exploit Proof of Concept? for local bug in ProFTPd not in default options must be configured with option --enable-ctrls. Bug exist in func tion prctrlsconnect in file "src/ctrls.c", look: "src/ctrls.c" int prctrlsconnectconst char socketfile ... struct sockaddrun clsock,...

7.4AI score
Exploits0
Rows per page
Query Builder