44 matches found
EUVD-2001-1174
Malware in sbrugna...
EUVD-2000-0857
Malware in sbrugna...
EUVD-2000-0858
Malware in sbrugna...
EUVD-2001-1093
Malware in sbrugna...
EUVD-2001-1090
Malware in sbrugna...
EFTP Server 2.0.7 .337 Directory and File Existence Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3333/info A user can confirm the existence and location of files and directory structure information, by submitting a 'size' or 'mdtm' command of a file. If the command is carried out by the vulnerable service, the attack...
EFTP 2.0.7 .337 Buffer Overflow Code Execution and Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3330/info Encrypted FTP EFTP is both an FTP client and server application for Windows platforms. A malicious user with upload permissions to the target host can cause a buffer overflow in EFTP to execute code of the...
EFTP buffer overflow
It was possible to crash the EFTP service by uploading a .lnk file containing too much data. A cracker may use this attack to make this service crash continuously, or run arbitrary code on your system. OpenVAS Vulnerability Test $Id: eftpbufferoverflow.nasl 8023 2017-12-07 08:36:26Z teissa $...
EFTP < 2.0.8.348 Information Disclosure Vulnerability
The remote FTP server can be used to determine if a given file exists on the remote host or not, by adding dot-dot-slashes in front of them. SPDX-FileCopyrightText: 2001 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
EFTP <= 2.0.7.337 Installation Directory Disclosure Vulnerability
The remote FTP server can be used to determine the installation directory by sending a request on an unexisting file. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
EFTP < 2.0.8.x Buffer Overflow Vulnerability
It was possible to crash the EFTP service by uploading a .lnk file containing too much data. SPDX-FileCopyrightText: 2001 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
EFTP < 2.0.8.348 File Enumeration
Binary data 1834.prm...
EFTP .lnk File Upload Overflow DoS
Binary data 1833.prm...
EFTP does not adequately validate user input thereby allowing directory traversal
Overview Encrypted File Transfer Program EFTP does not properly validate CWD commands, allowing authenticated users to read arbitrary directories and files. Description Encrypted File Transfer Program EFTP is an implementation of the FTP protocol using 448-bit Blowfish encryption. EFTP allows...
EFTP Nonexistent File Request Installation Directory Disclosure
The version of EFTP installed on the remote host reveals its installation directory if sent a request for a nonexistent file. An authenticated attacker may leverage this flaw to gain more knowledge about the affected host, such as its filesystem layout. TRUSTED...
CVE-2001-1193
Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... modified dot dot in the CWD command...
CVE-2001-1193
The CVE-2001-1193 issue affects EFTP, specifically version 2.0.8.346, where the CWD (change working directory) command does not properly validate input, allowing authenticated local users to perform a directory traversal and read arbitrary directories/files on the server. This is a confirmed vuln...
EFTP .lnk File Handling Remote Overflow
The version of EFTP running on the remote host has a remote buffer overflow vulnerability. Issuing the LS command on a maliciously crafted .lnk file results in an overflow. A remote attacker could exploit this to crash the service, or possibly execute arbitrary code. C Tenable Network Security,...
EFTP Multiple Command Traversal Arbitrary Directory Listing
The version of EFTP installed on the remote host can be used to determine if a given file exists on the remote host or not, by adding dot-dot-slashes in front of them. For instance, it is possible to determine the presence of '\autoexec.bat' by using the command SIZE or MDTM with the argument...
CVE-2001-1109
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. dot dot in the 1 LIST, 2 QUOTE SIZE, and 3 QUOTE MDTM commands...