Cerberus FTP Server Enterprise Cross-Site Scripting Vulnerability

Cerberus FTP Server is a Windows-based FTP server from Cerberus USA that supports encrypted FTP sessions via FTPS and SFTP. A cross-site scripting vulnerability exists in Cerberus FTP Server Enterprise versions prior to 10.0.19, 11.x series versions prior to 11.0.4, which can be exploited by an...

EFTP 2.0.7 .337 Buffer Overflow Code Execution and Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3330/info Encrypted FTP EFTP is both an FTP client and server application for Windows platforms. A malicious user with upload permissions to the target host can cause a buffer overflow in EFTP to execute code of the...

CVE-2011-1575

The STARTTLS implementation in ftpparser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext...

EFTP 2.0.7 337 - Remote Buffer Overflow Code Execution / Denial of Service

// source: https://www.securityfocus.com/bid/3330/info Encrypted FTP EFTP is both an FTP client and server application for Windows platforms. A malicious user with upload permissions to the target host can cause a buffer overflow in EFTP to execute code of the attacker's choosing. The attacker ca...