Lucene search
K

1045 matches found

OSV
OSV
added 2024/10/24 9:15 p.m.8 views

UBUNTU-CVE-2024-48208

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...

8.6CVSS5.8AI score0.01511EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.39 views

Pure-FTPd 安全漏洞

Pure-FTPd is an FTP File Transfer Protocol server from the individual developer Frank Denis. A security vulnerability exists in Pure-FTPd versions prior to 1.0.52, which stems from an out-of-bounds read problem in the domlsd of the ls.c file...

8.6CVSS8.7AI score0.01511EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.17 views

CVE-2024-48208

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...

6.7AI score0.01511EPSS
Exploits1References1
OSV
OSV
added 2024/10/24 12:0 a.m.15 views

CVE-2024-48208

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...

8.6CVSS6.4AI score0.01511EPSS
Exploits1References3
CVE
CVE
added 2024/10/24 12:0 a.m.120 views

CVE-2024-48208

CVE-2024-48208 affects pure-ftpd versions prior to 1.0.52, which are vulnerable to a buffer overflow due to an out-of-bounds read in the domlsd() function of ls.c. This is supported by multiple sources in the connected documents, including TencentOS advisory references and vendor/open-source advi...

8.6CVSS6.8AI score0.01511EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.41 views

CVE-2024-48208

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...

0.01511EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2024/10/24 12:0 a.m.18 views

CVE-2024-48208

pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...

8.6CVSS8.3AI score0.01511EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.5 views

PT-2024-8546 · Pure Ftpd +1 · Pure-Ftpd +1

Name of the Vulnerable Software and Affected Versions: Pure-FTPd versions prior to 1.0.52 Description: The issue is related to the domlsd function in the ls.c file of the Pure-FTPd FTP server, which is associated with an out of bounds read in memory. This can be exploited by a remote attacker to...

9CVSS6.8AI score0.01511EPSS
Exploits1References15
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.175 views

Guild FTPd 0.999.8.11/0.999.14 Heap Corruption

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Guild FTPd 0.999.8.11/0.999.14 Heap Corruption', 'Description' = %q Guild FTPd 0.999.8.11 and 0.999.14 are vulnerable to heap corruption. You nee...

10CVSS7AI score0.60692EPSS
Exploits2
OSV
OSV
added 2024/08/23 6:54 p.m.12 views

GHSA-34QG-65M4-F23M Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD>

Summary In Froxlor 2.1.9 and in the HEADs of the main, v2.2 and v2.1 branches , the XML templates in lib/configfiles/ set chmod 644 for /etc/pure-ftpd/db/mysql.conf, although that file contains . At least on Debian 12, all parent directories of /etc/pure-ftpd/db/mysql.conf are world readable by...

8.4CVSS7.4AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/08/23 6:54 p.m.11 views

Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD>

Summary In Froxlor 2.1.9 and in the HEADs of the main, v2.2 and v2.1 branches , the XML templates in lib/configfiles/ set chmod 644 for /etc/pure-ftpd/db/mysql.conf, although that file contains . At least on Debian 12, all parent directories of /etc/pure-ftpd/db/mysql.conf are world readable by...

7.4AI score
Exploits0References4Affected Software1
OSV
OSV
added 2024/06/15 12:0 a.m.15 views

OPENSUSE-SU-2024:11773-1 pure-ftpd-1.0.50-1.1 on GA media

These are all security issues fixed in the pure-ftpd-1.0.50-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS7.6AI score0.07112EPSS
Exploits1References4
OSV
OSV
added 2024/06/15 12:0 a.m.17 views

OPENSUSE-SU-2024:10318-1 pure-ftpd-1.0.43-1.3 on GA media

These are all security issues fixed in the pure-ftpd-1.0.43-1.3 package on the GA media of openSUSE Tumbleweed...

6.8CVSS8.6AI score0.16334EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.23 views

RHEL 4 : krb5 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - krb5, krb5-appl: ftpd incorrect group privilege dropping MITKRB5-SA-2011-005 CVE-2011-1526 - krb5: SPNEGO...

7.5CVSS7.5AI score0.06243EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2024/02/06 8:52 p.m.42 views

K000138509: ftpd vulnerabilities CVE-1999-0082 and CVE-1999-0201

Security Advisory Description CVE-1999-0082 CWD root command in ftpd allows root access. CVE-1999-0201 A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. Impact There is no impact; F5 products are not affected by these vulnerabilities. Security...

10CVSS6.8AI score0.08027EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.34 views

Ubuntu 16.04 LTS : Pure-FTPd vulnerability (USN-4515-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4515-1 advisory. Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information...

7.5CVSS7.4AI score0.05813EPSS
Exploits0References2
NVD
NVD
added 2023/10/05 5:15 a.m.36 views

CVE-2023-45198

ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd the portable version of NetBSD ftpd before 20231001 is also vulnerable...

7.5CVSS7.6AI score0.00491EPSS
Exploits0References2
Prion
Prion
added 2023/10/05 5:15 a.m.21 views

Authentication flaw

ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd the portable version of NetBSD ftpd before 20231001 is also vulnerable...

5CVSS7.6AI score0.00491EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2023/10/05 12:0 a.m.62 views

CVE-2023-45198

CVE-2023-45198 affects ftpd before NetBSD-ftpd 20230930 and tnftpd before 20231001, enabling leakage of host filesystem information prior to authentication via MLSD/MLST. Red Hat/EUVD entries corroborate the issue. Remediation is to upgrade to NetBSD-ftpd 20231001 or later (or apply equivalent ve...

7.5CVSS7.5AI score0.00491EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/10/05 12:0 a.m.18 views

CVE-2023-45198

ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd the portable version of NetBSD ftpd before 20231001 is also vulnerable...

7.1AI score0.00491EPSS
Exploits0References2
Rows per page
Query Builder