111 matches found
PT-2023-14922 · Unknown · Weston Embedded Uc-Ftps
Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-FTPs version 1.98.00 Description: An out-of-bounds read issue exists in the PORT command parameter extraction functionality. A specially-crafted set of network packets can lead to denial of service. This occurs when no IP...
PT-2023-14923 · Unknown · Weston Embedded Uc-Ftps
Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-FTPs version 1.98.00 Description: An out-of-bounds read issue exists in the PORT command parameter extraction functionality. This can be triggered by a specially-crafted set of network packets, leading to denial of service...
SUSE CVE-2015-7665
Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a 1 PORT or 2 EPRT command. NOTE: within wget itself, the automatic fallback is not considered a...
CVE-2020-15152
ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a...
CVE-2020-15152
ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a...
CVE-2020-15152 Server-Side Request Forgery in ftp-srv
ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a...
uftpd Buffer Overflow Vulnerability
uftpd is a Linux-based FTP/TFTP file transfer server. A buffer overflow vulnerability exists in the 'handlePORT' function of the ftpcmd.c file in uftpd versions prior to 2.11. The vulnerability stems from a network system or product performing operations in memory without properly validating data...
CVE-2018-15516
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF...
CVE-2018-15516
CVE-2018-15516 affects the D-Link Central WiFiManager CWM-100, version 1.03 r0098, where the FTP server component can be abused to perform a PORT command bounce scan on port 8000, resulting in a Server-Side Request Forgery (SSRF) . Documented impact includes remote abuse of the network and potent...
CVE-2018-15516
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF...
PCMan FTP Server 'PORT' Command Buffer Overflow Vulnerability
PCMan FTP Server is a full-featured FTP server software. A buffer overflow vulnerability exists in PCMan FTP Server version 2.0.7. A remote attacker can exploit this vulnerability to execute arbitrary code in the context of an affected application with the help of a long string in the PORT comman...
PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/env python -- coding: utf-8 -- Exploit Title: PCMan FTP Server 2.0 PORT Command BoF Exploit Author: Pablo González Date: 4/11/2016 Software: PCMan 2.0 Tested on: Windows XP Profesional SP3 Spanish x86 import socket print "Creating...
wget Target IP Address Information Acquisition Vulnerability
wget is a free tool to automatically download files from the network, supporting downloads via the three most common TCP/IP protocols: HTTP, HTTPS, and FTP. A security vulnerability exists in wget, where a remote FTP server can reject a user's FTP PASV command, causing the target user's wget...
Multiple Vulnerabilities in FTP Media Server
FTP Media Server is a free media server. FTP Media Server is vulnerable to authentication bypass and denial of service vulnerabilities. A remote user can issue commands to the FTP server without authentication or enter incorrect credentials; send an invalid port command to the FTP server, which...
WS_FTP Server <= 5.03 (RNFR) Buffer Overflow Exploit
No description provided by source. ===== Start WSFTPOverflow.pl ===== Usage: WSFTPOverflow.pl ip ftp user ftp pass WSFTPOverflow.pl 127.0.0.1 hello moto WSFTP Server Version 5.03, 2004.10.14 Download: http://www.ipswitch.com/ use IO::Socket; use strict; my$socket = ; if $socket =...
Vermillion FTP Daemon PORT Command Memory Corruption
No description provided by source. $Id: vermillionftpdport.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
Vermillion FTPd v1.31 - Buffer Overflow Vulnerability
Document Title: =============== Vermillion FTPd v1.31 - Buffer Overflow Vulnerability References Source: ==================== OSVDB-ID: 62163 http://osvdb.org/show/osvdb/62163 EDB-ID: 11293 http://www.exploit-db.com/exploits/11293/ Release Date: ============= 2011-06-07 Vulnerability Laboratory I...
Blackmoon FTP 3.1 Build 1735/1736 - Denial of Service
!/usr/bin/python Exploit Title: BlackmoonFTP Server DOS Date: 12/28/2010 Author: Craig Freyman cd1zz Software Link: http://www.mediafire.com/?bnc4d00myymmx55 Version: 3.1 Release 6 - Build 1735 and 1736 Tested On: Windows XP SP3 Vendor Contacted: 12/28/2010 Vendor Fixed: 1/13/2011 import socket...
Wing FTP Server DoS
Crash on PORT command parsing...
Wing FTP Server PORT Command DoS Vulnerability
Discovery Date: Nov 14, 2009 Risk: Important Affected Software: Wing FTP Server 3.1.2 Description: There is a Denial of Service DoS vulnerability that exists in Wing FTP Server 3.1.2. The said vulnerability can be exploited by using an invalid parameter for PORT command. When exploited...