1045 matches found
UBUNTU-CVE-2024-48208
pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...
Pure-FTPd 安全漏洞
Pure-FTPd is an FTP File Transfer Protocol server from the individual developer Frank Denis. A security vulnerability exists in Pure-FTPd versions prior to 1.0.52, which stems from an out-of-bounds read problem in the domlsd of the ls.c file...
CVE-2024-48208
pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...
CVE-2024-48208
pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...
CVE-2024-48208
CVE-2024-48208 affects pure-ftpd versions prior to 1.0.52, which are vulnerable to a buffer overflow due to an out-of-bounds read in the domlsd() function of ls.c. This is supported by multiple sources in the connected documents, including TencentOS advisory references and vendor/open-source advi...
CVE-2024-48208
pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...
CVE-2024-48208
pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd function of the ls.c file...
PT-2024-8546 · Pure Ftpd +1 · Pure-Ftpd +1
Name of the Vulnerable Software and Affected Versions: Pure-FTPd versions prior to 1.0.52 Description: The issue is related to the domlsd function in the ls.c file of the Pure-FTPd FTP server, which is associated with an out of bounds read in memory. This can be exploited by a remote attacker to...
Guild FTPd 0.999.8.11/0.999.14 Heap Corruption
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Guild FTPd 0.999.8.11/0.999.14 Heap Corruption', 'Description' = %q Guild FTPd 0.999.8.11 and 0.999.14 are vulnerable to heap corruption. You nee...
GHSA-34QG-65M4-F23M Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD>
Summary In Froxlor 2.1.9 and in the HEADs of the main, v2.2 and v2.1 branches , the XML templates in lib/configfiles/ set chmod 644 for /etc/pure-ftpd/db/mysql.conf, although that file contains . At least on Debian 12, all parent directories of /etc/pure-ftpd/db/mysql.conf are world readable by...
Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD>
Summary In Froxlor 2.1.9 and in the HEADs of the main, v2.2 and v2.1 branches , the XML templates in lib/configfiles/ set chmod 644 for /etc/pure-ftpd/db/mysql.conf, although that file contains . At least on Debian 12, all parent directories of /etc/pure-ftpd/db/mysql.conf are world readable by...
OPENSUSE-SU-2024:11773-1 pure-ftpd-1.0.50-1.1 on GA media
These are all security issues fixed in the pure-ftpd-1.0.50-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:10318-1 pure-ftpd-1.0.43-1.3 on GA media
These are all security issues fixed in the pure-ftpd-1.0.43-1.3 package on the GA media of openSUSE Tumbleweed...
RHEL 4 : krb5 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - krb5, krb5-appl: ftpd incorrect group privilege dropping MITKRB5-SA-2011-005 CVE-2011-1526 - krb5: SPNEGO...
K000138509: ftpd vulnerabilities CVE-1999-0082 and CVE-1999-0201
Security Advisory Description CVE-1999-0082 CWD root command in ftpd allows root access. CVE-1999-0201 A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. Impact There is no impact; F5 products are not affected by these vulnerabilities. Security...
Ubuntu 16.04 LTS : Pure-FTPd vulnerability (USN-4515-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4515-1 advisory. Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information...
CVE-2023-45198
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd the portable version of NetBSD ftpd before 20231001 is also vulnerable...
Authentication flaw
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd the portable version of NetBSD ftpd before 20231001 is also vulnerable...
CVE-2023-45198
CVE-2023-45198 affects ftpd before NetBSD-ftpd 20230930 and tnftpd before 20231001, enabling leakage of host filesystem information prior to authentication via MLSD/MLST. Red Hat/EUVD entries corroborate the issue. Remediation is to upgrade to NetBSD-ftpd 20231001 or later (or apply equivalent ve...
CVE-2023-45198
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd the portable version of NetBSD ftpd before 20231001 is also vulnerable...