CVE-2025-11947

A weakness has been identified in bftpd up to 6.2. Impacted is the function expandgroups of the file options.c of the component Configuration File Handler. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this natur...

EUVD-2001-0065

Malware in sbrugna...

EUVD-2017-8063

Malware in sbrugna...

EUVD-2020-27316

Malware in sbrugna...

EUVD-2007-2046

Malware in sbrugna...

EUVD-2007-2005

Malware in sbrugna...

CVE-2009-4593

The bftpdutmplog function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.buhost structure member, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors. NOTE: some of these details are...

bftpd < 1.0.14 chown Command Overflow

Binary data 1828.prm...

bftpd < 1.0.13 Format String Overflow

Binary data 1829.prm...

CVE-2001-0065

Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long SITE CHOWN command...

CVE-2001-0065

Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long SITE CHOWN command...

bftpd Multiple Command Remote Overflow

The version of bftpd running on the remote host is vulnerable to a remote buffer overflow attack when issued very long arguments to the SITE CHOWN command. A remote attacker could exploit this issue to crash the FTP server, or possibly execute arbitrary code. TRUSTED...

Potential Buffer Overflow vulnerability in bftpd-1.0.13

There is a potential buffer overflow vulnerability in the command "SITE CHOWN" 230 User logged in. site chown AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.AAAAAAAAAA A 550 User 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' not found. Connection closed by foreign host. gdb /usr/sbin/bftpd 18214 ............. Loade...

Дырка в bftpd

Ошибка форматной строки позволяет выполнение кода на сервере. Кроме того - переполненеи буфера в команде chown...

BFTPd 1.0.12 Remote Exploit

Exploit for linux platform in category remote exploits =========================== BFTPd 1.0.12 Remote Exploit =========================== / Creates a filname to exploit the bug in bftpd 1.0.12 Create the file, cwd in the shell directory and nlist the file directory. Coded by korty / include...

bftpd NLST Command Output Format String

The remote FTP server, which appears to be Bftpd, has a format string vulnerability in the NLST command. A remote attacker could use this to crash the service, or possibly execute arbitrary code. C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik Anderso...

Malformed vsprintf in bftpd

There is a malformed vsprintf in bftpd 1.0.12 in function sendstrf: int sendstrfint s, char format, ... .... vsprintfbuffer, format, val; when the function is called from NLIST command: else foo = 1; sendstrfs, entry-dname; This can be used to overflow the buffer of the vsprintf and execute...

BFTPd vsprintf() Format Strings Exploit

Exploit for linux platform in category remote exploits ======================================= BFTPd vsprintf Format Strings Exploit ======================================= Copyright c 2000 - Security.is The following material may be freely redistributed, provided that the code or the disclaimer...

Дырка в bftpd &#40;USER bo&#41;

Классическое переполнение буфера в команде USER...