51 matches found
EUVD-2020-26455
Malware in sbrugna...
EUVD-2020-13063
Malware in sbrugna...
EUVD-2020-6306
Malware in sbrugna...
EUVD-2020-26447
Malware in sbrugna...
CVE-2020-5221
In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in composeabspath. This has been fixed in versio...
CVE-2020-5204
In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...
CVE-2020-20276
An unauthenticated stack-based buffer overflow vulnerability in common.c's handlePORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution...
CVE-2020-20277
There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...
CVE-2020-14149
In uftpd before 2.12, handleCWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command...
SUSE CVE-2020-5221
In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in composeabspath. This has been fixed in versio...
SUSE CVE-2020-14149
In uftpd before 2.12, handleCWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command...
SUSE CVE-2020-20276
An unauthenticated stack-based buffer overflow vulnerability in common.c's handlePORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution...
uftpd 2.10 Directory Traversal
Exploit Title: uftpd 2.10 - Directory Traversal Authenticated Google Dork: N/A Exploit Author: Aaron Esau arinerron Vendor Homepage: https://github.com/troglobit/uftpd Software Link: https://github.com/troglobit/uftpd Version: 2.7 to 2.10 Tested on: Linux CVE : CVE-2020-20277 Reference:...
uftpd 2.10 - Directory Traversal (Authenticated) Vulnerability
Exploit Title: uftpd 2.10 - Directory Traversal Authenticated Exploit Author: Aaron Esau arinerron Vendor Homepage: https://github.com/troglobit/uftpd Software Link: https://github.com/troglobit/uftpd Version: 2.7 to 2.10 Tested on: Linux CVE : CVE-2020-20277 Reference:...
uftpd 2.10 - Directory Traversal (Authenticated)
Exploit Title: uftpd 2.10 - Directory Traversal Authenticated Google Dork: N/A Exploit Author: Aaron Esau arinerron Vendor Homepage: https://github.com/troglobit/uftpd Software Link: https://github.com/troglobit/uftpd Version: 2.7 to 2.10 Tested on: Linux CVE : CVE-2020-20277 Reference:...
CVE-2020-20276
An unauthenticated stack-based buffer overflow vulnerability in common.c's handlePORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution...
CVE-2020-20276
An unauthenticated stack-based buffer overflow vulnerability in common.c's handlePORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution...
CVE-2020-20276
An unauthenticated stack-based buffer overflow vulnerability in common.c's handlePORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution...
CVE-2020-20276
The CVE-2020-20276 entry describes an unauthenticated stack-based buffer overflow in uftpd FTP server versions 2.10 and earlier, specifically in common.c’s handle_PORT function. This vulnerability can cause a crash and potentially enable remote code execution. Connected sources confirm the affect...
CVE-2020-20277
There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...