Denial Of Service (DoS)

Pyftpd is vulnerable to denial of service and information disclosure. The vulnerability existed because logs files with predictable names in a temporary directory are created, which allows local users to cause a denial of service and obtain sensitive information...

Sensitive Data Exposure

Pyftpd is vulnerable to sensitive data exposure. An attacker is able to read arbitrary files from the FTP server which contains hard-coded usernames and passwords...

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-2072

Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local users to cause a denial of service and obtain sensitive information...

CVE-2010-2072

Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local users to cause a denial of service and obtain sensitive information...

Hardcoded credentials

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

Information disclosure

Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local users to cause a denial of service and obtain sensitive information...

CVE-2010-2072

Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local users to cause a denial of service and obtain sensitive information...

CVE-2010-2073

CVE-2010-2073 affects Pyftpd 0.8.4, where auth_db_config.py contains hard-coded usernames and passwords (test, user, roxon). This enables remote attackers to read arbitrary files from the FTP server due to hard-coded credentials. The issue is documented across multiple sources (NVD entry for CVE-...

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-2072

Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local users to cause a denial of service and obtain sensitive information...

CVE-2010-2072

Pyftpd 0.8.4 is affected by a vulnerability where log files are created with predictable names in a temporary directory, enabling local users to cause a denial of service and access sensitive information. The issue stems from insecure temporary-file handling. A fix exists in 0.8.5 and later; upgr...

CVE-2010-2072

Removed by vendor...

CVE-2010-2073

Removed by vendor...

PT-2010-3684 · Pyftpd · Pyftpd

Name of the Vulnerable Software and Affected Versions: Pyftpd version 0.8.4 Description: The issue concerns hard-coded usernames and passwords in the auth db config.py file for the test, user, and roxon accounts. This allows remote attackers to read arbitrary files from the FTP server...

pyftpd Multiple Vulnerabilities

pyftpd is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

pyftpd Multiple Vulnerabilities

pyftpd is prone to multiple vulnerabilities. 1. pyftpd is prone to multiple default-account vulnerabilities. These issues stem from a design flaw that makes several accounts available to remote attackers. Successful exploits allow remote attackers to gain unauthorized access to a vulnerable...