Lucene search
K

158 matches found

OSV
OSV
added 2010/10/19 8:0 p.m.9 views

CVE-2010-3494

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or ...

6.4AI score
Exploits0References11
OSV
OSV
added 2010/10/19 8:0 p.m.3 views

DEBIAN-CVE-2009-5013

Memory leak in the ondtpclose function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service memory consumption by sending a QUIT command during a data transfer...

4CVSS6.8AI score0.01156EPSS
Exploits0References1
NVD
NVD
added 2010/10/19 8:0 p.m.31 views

CVE-2009-5012

ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session...

4CVSS6.2AI score0.01031EPSS
Exploits0References4
NVD
NVD
added 2010/10/19 8:0 p.m.19 views

CVE-2009-5011

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS6.3AI score0.00934EPSS
Exploits0References4
OSV
OSV
added 2010/10/19 8:0 p.m.7 views

CVE-2009-5013

Memory leak in the ondtpclose function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service memory consumption by sending a QUIT command during a data transfer...

6.1AI score
Exploits0References4
OSV
OSV
added 2010/10/19 8:0 p.m.2 views

DEBIAN-CVE-2009-5012

ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session...

4CVSS6.5AI score0.01031EPSS
Exploits0References1
OSV
OSV
added 2010/10/19 8:0 p.m.8 views

CVE-2009-5012

ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session...

6.1AI score
Exploits0References4
NVD
NVD
added 2010/10/19 8:0 p.m.26 views

CVE-2007-6741

The ftpPORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from the FTP client, which might allow remote authenticated users to conduct FTP bounce attacks via...

6.5CVSS6AI score0.01769EPSS
Exploits0References4
NVD
NVD
added 2010/10/19 8:0 p.m.33 views

CVE-2007-6739

FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command...

5CVSS6.4AI score0.01447EPSS
Exploits0References4
NVD
NVD
added 2010/10/19 8:0 p.m.34 views

CVE-2007-6740

The ftpSTOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command...

4CVSS6.1AI score0.01156EPSS
Exploits0References4
NVD
NVD
added 2010/10/19 8:0 p.m.21 views

CVE-2008-7262

Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a pathname to a 1 CWD, 2 DELE, 3 STOR, or 4 RETR command...

6.5CVSS6.5AI score0.01412EPSS
Exploits0References2
NVD
NVD
added 2010/10/19 8:0 p.m.26 views

CVE-2008-7263

ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack...

7.5CVSS6.3AI score0.0156EPSS
Exploits0References4
NVD
NVD
added 2010/10/19 8:0 p.m.22 views

CVE-2008-7264

The ftpQUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service file descriptor exhaustion and daemon outage by sending a QUIT command during a disallowed data-transfer attempt...

4CVSS6.2AI score0.01375EPSS
Exploits1References4
NVD
NVD
added 2010/10/19 8:0 p.m.18 views

CVE-2007-6738

pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the number of in-progress data connections by reading the response to this command...

5CVSS6AI score0.01127EPSS
Exploits0References1
NVD
NVD
added 2010/10/19 8:0 p.m.28 views

CVE-2007-6736

Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. dot dot in a 1 LIST, 2 STOR, or 3 RETR command...

6.5CVSS6.5AI score0.0126EPSS
Exploits0References4
NVD
NVD
added 2010/10/19 8:0 p.m.29 views

CVE-2007-6737

FTPServer.py in pyftpdlib before 0.2.0 does not increment the attemptedlogins count for a USER command that specifies an invalid username, which makes it easier for remote attackers to obtain access via a brute-force attack...

7.5CVSS6.5AI score0.01354EPSS
Exploits0References4
PyPA
PyPA
added 2010/10/19 8:0 p.m.4 views

PYSEC-2010-8

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS7AI score0.01582EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2010/10/19 8:0 p.m.3 views

CVE-2007-6736

Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. dot dot in a 1 LIST, 2 STOR, or 3 RETR command...

6.5CVSS5.7AI score0.0126EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2010/10/19 8:0 p.m.0 views

CVE-2010-3494

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or ...

4.3CVSS5.9AI score0.01582EPSS
Exploits0References2
Prion
Prion
added 2010/10/19 8:0 p.m.21 views

Sql injection

The ftpPORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from the FTP client, which might allow remote authenticated users to conduct FTP bounce attacks via...

6.5CVSS6.4AI score0.01959EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder