Ftp Security Vulnerabilities


CVE-2024-5052

Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The vulnerability exists when the web server, default port 10001, attempts to process a large number of incomplete HTTP...

7.5CVSS

6.8AI Score

0.0004EPSS

2024-05-17 10:15 AM
24

CVE-2024-0732

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as problematic. This issue affects some unknown processing of the component STOR Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and...

7.5CVSS

7.6AI Score

0.0005EPSS

2024-01-19 08:15 PM
6

CVE-2021-4432

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as problematic. This affects an unknown part of the component USER Command Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public.....

7.5CVSS

7.6AI Score

0.003EPSS

2024-01-16 03:15 PM
13

CVE-2024-1017

A vulnerability was found in Gabriels FTP Server 1.2. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument USERNAME leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

7.5CVSS

7.5AI Score

0.004EPSS

2024-01-29 07:15 PM
12

CVE-2024-0731

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as problematic. This vulnerability affects unknown code of the component PUT Command Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and.....

7.5CVSS

7.6AI Score

0.0005EPSS

2024-01-19 08:15 PM
3

CVE-2024-0548

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component SIZE Command Handler. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the...

7.5CVSS

7.5AI Score

0.001EPSS

2024-01-15 07:15 AM
16

CVE-2024-0736

A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to...

7.5CVSS

7.5AI Score

0.0005EPSS

2024-01-19 09:15 PM
9

CVE-2024-0693

A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public.....

7.5CVSS

7.5AI Score

0.002EPSS

2024-01-18 11:15 PM
11

CVE-2009-4053

Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (2) create files with any contents in arbitrary directories via directory traversal sequences in a.....

6.5CVSS

6.6AI Score

0.004EPSS

2022-10-03 04:24 PM
28

CVE-2023-37881

Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation. This issue affects Wing FTP Server: <=...

8.8CVSS

8.7AI Score

0.001EPSS

2023-09-12 09:15 AM
17

CVE-2023-37875

Improper encoding or escaping of output in Wing FTP Server (User Web Client) allows Cross-Site Scripting (XSS). This issue affects Wing FTP Server: <=...

5.4CVSS

5.4AI Score

0.0004EPSS

2023-09-12 09:15 AM
17

CVE-2023-37879

Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation. This issue affects Wing FTP Server: <=...

7.5CVSS

7.4AI Score

0.001EPSS

2023-09-12 09:15 AM
22

CVE-2023-37878

Insecure default permissions in Wing FTP Server (Admin Web Client) allows for privilege escalation. This issue affects Wing FTP Server: <=...

8.8CVSS

8.7AI Score

0.001EPSS

2023-09-12 09:15 AM
12

CVE-2023-22551

The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc is used but free is.....

7.5CVSS

7.4AI Score

0.002EPSS

2023-01-01 06:15 PM
26

CVE-2009-4103

Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, allows remote FTP servers to cause a denial of service and possibly execute arbitrary code via unspecified FTP server responses. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

8AI Score

0.002EPSS

2022-10-03 04:24 PM
20

CVE-2018-5310

In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register...

6.5CVSS

6.4AI Score

0.001EPSS

2022-10-03 04:22 PM
22

CVE-2008-0604

The LDAP authentication feature in XLight FTP Server before 2.83, when used with some unspecified LDAP servers, does not check for blank passwords, which allows remote attackers to bypass intended access...

7AI Score

0.005EPSS

2022-10-03 04:14 PM
12

CVE-2020-26299

ftp-srv is an open-source FTP server designed to be simple yet configurable. In ftp-srv before version 4.4.0 there is a path-traversal vulnerability. Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user's defined root folder using the expected FTP commands,...

9.6CVSS

9.1AI Score

0.003EPSS

2021-02-10 06:15 PM
38

CVE-2020-15152

ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a...

9.1CVSS

8.8AI Score

0.003EPSS

2020-08-17 10:15 PM
29
2

CVE-2019-9668

An issue was discovered in rovinbhandari FTP through 2012-03-28. receive_file in file_transfer_functions.c allows remote attackers to cause a denial of service (daemon crash) via a 0xffff datalen field...

7.5CVSS

7.3AI Score

0.003EPSS

2019-12-31 05:15 PM
43

CVE-2019-11383

An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via...

9.8CVSS

9.2AI Score

0.007EPSS

2019-04-22 10:29 PM
19

CVE-2018-18861

Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE...

9.8CVSS

9.9AI Score

0.036EPSS

2018-11-20 07:29 PM
19

CVE-2018-12481

The Olive Tree Ftp Server application 1.32 for Android has a "Sensitive Data on the Clipboard" vulnerability, as demonstrated by reading the "User password" field with the Drozer post.capture.clipboard...

9.8CVSS

9.1AI Score

0.002EPSS

2018-06-15 04:29 PM
21

CVE-2015-7601

Directory traversal vulnerability in PCMan's FTP Server 2.0.7 allows remote attackers to read arbitrary files via a ..// (dot dot double slash) in a RETR...

6.8AI Score

0.613EPSS

2015-09-29 07:59 PM
23

CVE-2013-4730

Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER...

7.8AI Score

0.77EPSS

2014-05-15 02:55 PM
18

CVE-2010-4095

Directory traversal vulnerability in the FTP client in Serengeti Systems Incorporated Robo-FTP 3.7.3, and probably other versions before 3.7.5, allows remote FTP servers to write arbitrary files via a .. (dot dot) in a filename in a server...

6.9AI Score

0.004EPSS

2010-10-26 08:00 PM
18

CVE-2008-2889

Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to...

6.5AI Score

0.003EPSS

2008-06-27 06:41 PM
26

CVE-2008-2519

Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup...

7.2AI Score

0.002EPSS

2008-06-03 02:32 PM
29

CVE-2007-6263

The dataconn function in ftpd.c in netkit ftpd (netkit-ftpd) 0.17, when certain modifications to support SSL have been introduced, calls fclose on an uninitialized file stream, which allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via.....

6.9AI Score

0.014EPSS

2007-12-06 03:46 PM
23

CVE-2007-5769

Double free vulnerability in the getreply function in ftp.c in netkit ftp (netkit-ftp) 0.17 20040614 and later allows remote FTP servers to cause a denial of service (application crash) and possibly have unspecified other impact via some types of FTP protocol behavior. NOTE: the netkit-ftpd issue.....

6.9AI Score

0.014EPSS

2007-12-06 03:46 PM
22

CVE-2007-6233

Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or...

6.8AI Score

0.001EPSS

2007-12-04 06:46 PM
23

CVE-2007-6232

Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page...

5.7AI Score

0.002EPSS

2007-12-04 06:46 PM
18

CVE-2007-6234

index.php in FTP Admin 0.1.0 allows remote attackers to bypass authentication and obtain administrative access via a loggedin parameter with a value of true, as demonstrated by adding a user...

6.9AI Score

0.009EPSS

2007-12-04 06:46 PM
17

CVE-2003-1472

Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long...

8.3AI Score

0.008EPSS

2007-10-24 11:00 PM
24

CVE-2007-1567

Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors, as demonstrated by warftp_165.tar by Immunity. NOTE: this might be the same issue as CVE-1999-0256, CVE-2000-0131, or...

8.2AI Score

0.962EPSS

2007-03-21 09:19 PM
26
2

CVE-2006-6241

Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to cause a denial of service (crash) via consecutive RETR commands. NOTE: The provenance of this information is unknown; the details are obtained solely from third party...

6.2AI Score

0.063EPSS

2006-12-03 07:28 PM
26

CVE-2006-6240

Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to list contents of arbitrary directories and download arbitrary files via a .. (dot dot) sequence in an FTP command argument, as demonstrated by RETR (GET) or STOR (PUT). NOTE: The provenance.....

6.3AI Score

0.003EPSS

2006-12-03 07:28 PM
17

CVE-2005-0312

WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string...

6.5AI Score

0.003EPSS

2005-02-10 05:00 AM
24
4

CVE-2004-0255

Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer...

7AI Score

0.046EPSS

2004-11-23 05:00 AM
17

CVE-2004-0287

Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a RETR command with a long argument containing a large number of / (slash) characters, possibly triggering a buffer...

6.7AI Score

0.09EPSS

2004-11-23 05:00 AM
28

CVE-2003-0766

Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response to a USER command, or (3) a long response to a PASS...

8.2AI Score

0.004EPSS

2003-09-17 04:00 AM
24

CVE-2001-0794

Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER...

7.2AI Score

0.002EPSS

2001-10-18 04:00 AM
24

CVE-1999-1344

Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration...

6.9AI Score

0.015EPSS

2001-09-12 04:00 AM
17

CVE-1999-1345

Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being...

6.9AI Score

0.0004EPSS

2001-09-12 04:00 AM
22

CVE-1999-0351

FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a...

6.5AI Score

0.009EPSS

1999-09-29 04:00 AM
101
1