9 matches found
EUVD-2010-0017
Malware in sbrugna...
EUVD-2010-0027
Malware in sbrugna...
EUVD-2010-0018
Malware in sbrugna...
EUVD-2010-0024
Malware in sbrugna...
CVE-2008-7264
The ftpQUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service file descriptor exhaustion and daemon outage by sending a QUIT command during a disallowed data-transfer attempt...
CVE-2007-6738
pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the number of in-progress data connections by reading the response to this command...
GHSA-GH7C-CG3X-PMCR pyftpdlib Use of Insufficiently Random Values of port selection on PASV command
pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the number of in-progress data connections by reading the response to this command...
Session fixation
ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session...
PYSEC-2010-22
pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the number of in-progress data connections by reading the response to this command...