99 matches found
CVE-2007-4843
Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. dot dot in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder...
CVE-2007-3768
The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service restart via a malformed response to a PASV command...
Cross site scripting
Cross-site scripting XSS vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE:...
CVE-2007-3769
Cross-site scripting XSS vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE:...
Stack overflow
Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service application hang or crash and possibly execute arbitrary code by sending a large banner to a client that is sending a file...
CVE-2007-3548
Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service application hang or crash and possibly execute arbitrary code by sending a large banner to a client that is sending a file...
CVE-2007-3161
Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrary code via a long response...
CVE-2007-0790
Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner...
CVE-2006-4974
Buffer overflow in Ipswitch WSFTP Limited Edition LE 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command...
CVE-2005-2126
The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted...
CVE-2005-3258
The rfc1738doescape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service segmentation fault via certain "odd" responses...
CVE-2005-3150
CVE-2005-3150 affects Weex, a non-interactive FTP client used for updating web pages. The vulnerability is a format string bug in Weex that could allow remote code execution when processing filenames, as described in multiple sources. Debian and Gentoo advisories cite fixes in older branches and ...
CVE-2002-2026
Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply...
CVE-2004-1136
Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service application crash via large replies to FTP commands...
CVE-2004-1136
CVE-2004-1136 affects CuteFTP Professional 6.0 (and possibly other versions). The vulnerability is a buffer overflow in the FTP command/response handling that occurs when the client processes large replies from an FTP server, enabling a remote server to trigger a denial of service (application cr...
CVE-2004-0739
Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service client crash and possibly execute arbitrary code via a long filename...
FTP Desktop 3.5 - Banner Parsing Buffer Overflow
source: https://www.securityfocus.com/bid/8559/info A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 'Welcome' banner 220 messages from remote FTP servers. When FTP Desktop receives an FTP banner exceeding a certain length, it...
IglooFTP 0.6.1 - Banner Parsing Buffer Overflow
source: https://www.securityfocus.com/bid/8161/info A buffer overflow vulnerability has been reported in IglooFTP. The vulnerability occurs when IglooFTP is parsing 'Welcome' banner messages from remote FTP servers. When IglooFTP receives an FTP banner exceeding a certain length, it will trigger...
CuteFTP: buffer overflow
Damage Hacking Group security advisory www.dhgroup.org Product: CuteFTP client Authors: GlobalSCAPE Inc. www.globalscape.com Vulnerable versions: v.4. Vulnerability: buffer overflow Overview-------------------------------------------------------------- "CuteFTP is a Windows based File Transfer...