10 matches found
CVE-2023-45198
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd the portable version of NetBSD ftpd before 20231001 is also vulnerable...
EUVD-2000-0461
Malware in sbrugna...
CVE-2002-2245
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session...
Authentication flaw
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd the portable version of NetBSD ftpd before 20231001 is also vulnerable...
NetBSD-ftpd 20100320 Remote DDoS
Exploit for bsd platform in category dos / poc !/usr/bin/python 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1...
Re: [Full-disclosure] NetBSD FTPD and ports ***REMOTE ROOOOOT HOLE***
I can confirm that this bug is present on OSX 10.3.9 at the very least. lukemftpd-20040810 is the version this was tested against. I am fairly sure that this issue was patched recently in: Security Update 2006-003 FTPServer CVE-ID: CVE-2006-1445 Available for: Mac OS X v10.3.9, Mac OS X Server...
NetBSD FTPd / tnftpd Remote Stack Overflow PoC
Exploit for bsd platform in category dos / poc ============================================== NetBSD FTPd / tnftpd Remote Stack Overflow PoC ============================================== !perl $$$ NetBSD ftpd and ports Remote ROOOOOT $HOLE$ $$$ About tnftpd is a port of the NetBSD FTP server to...
CVE-2002-2245
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session...
CVE-2000-0574
Affected software: OpenBSD ftpd, NetBSD ftpd, ProFTPd, and Opieftpd. The issue is that untrusted format strings are not properly cleansed in setproctitle, allowing remote attackers to cause a denial of service or execute arbitrary commands. The connected Nessus document notes an attack scenario w...
CVE-2000-0574
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function sometimes called by setproctitle, which allows remote attackers to cause a denial of service or execute arbitrary commands...