Low: zsh

Issue Overview: NULL dereference in cd in sh compatibility mode under given circumstances In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. CVE-2017-18205 Null-pointer...

Null pointer dereference

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set...

DEBIAN-CVE-2017-18205

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set...

CVE-2017-18205

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set...

CVE-2017-18205

CVE-2017-18205 affects zsh (before 5.4): in sh compatibility mode, there is a NULL pointer dereference when executing cd with no argument if HOME is not set. This is linked across multiple advisories (e.g., Red Hat, SUSE, MiracleLinux, VMware Photon) as a vulnerability in zsh; the connected docum...

CVE-2017-18205

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set...

UBUNTU-CVE-2017-18205

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set...

CVE-2017-18205

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set...

MollenSoft Lightweight FTP Server 3.6 - Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10429/info Lightweight FTP Server is prone to a remote buffer overflow vulnerability. This vulnerability can potentially allow a remote attacker to execute arbitrary code in the context of the server process. This issue...

CVE-2004-2081

S CVE-2004-2081 affects Sami FTP Server 1.1.3. Local users can trigger a denial of service (pmsystem.exe crash) by issuing FTP commands: (1) CD with a tilde (~) or /../, or (2) GET for an unavailable file. This is the vulnerability described in the CVE entry; exploitation details are not provided...

CVE-2004-2081

The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service pmsystem.exe crash by issuing 1 a CD command with a tilde character or dot dot /../ or 2 a GET command for an unavailable file...

Ipswitch WS_FTP Server 5.0.x - CD Command Malformed File Path Remote Denial of Service

source: https://www.securityfocus.com/bid/11065/info WSFTP Server is reported prone to a remote denial of service vulnerability. This issue presents itself when the application processes a malformed file path through the 'cd' command. WSFTP Server version 5.0.2 is reported prone to this issue,...

CVE-2004-0677

Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service temporary hang via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive "A"...

CVE-2003-0392

The CVE-2003-0392 entry concerns ST FTP Service 3.0, where a vulnerability in the CD command handling enables directory traversal. An attacker can cause the server to list arbitrary directories by supplying a drive-letter argument (for example, CD E:), potentially exposing files outside the FTP j...

ST FTP directory traversal

It's possible to perform cd to any disk...

CVE-2001-0963

SpoonFTP Server (version 1.1) is affected by a directory-traversal vulnerability in the CWD command due to inadequate input validation, allowing local users (and in some cases remote users) to access files outside the FTP root with the user’s privileges. CERT/CC notes the impact as reading direct...

CVE-2001-0452

BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD " command followed by an ls command...

CVE-2001-0480

Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... modified dot dot in the 1 GET or 2 CD commands...

CVE-2001-0452

BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD " command followed by an ls command...