5 matches found
CVE-2006-5569
CVE-2006-5569 affects DataWizard FTPXQ / FtpXQ Server 3.0.1, which ships with two (and in some sources two) default testing accounts. The underlying issue is the presence of default accounts that allow a remote attacker to read or write arbitrary files, via vectors not disclosed in the provided s...
CVE-2002-1920
CVE-2002-1920 affects FtpXQ 2.5, where a buffer overflow in the MKD command with a long directory name can cause a denial of service (crash). The connected Red Hat entry and CVE records confirm the same description; exploitation details, affected versions beyond 2.5, and available mitigations are...
CVE-2001-0293
CVE-2001-0293 concerns the FtpXQ FTP server (version 2.0.93) and describes a directory traversal vulnerability where an attacker can read arbitrary files via a .. in the GET command. The connected documents confirm the affected product and the root cause (path traversal via GET), but do not provi...
CVE-2001-1213
The CVE-2001-1213 entry applies to DataWizard FtpXQ 2.0 and 2.1, where a default configuration uses a default username and password, enabling remote attackers to read and write arbitrary files in the root folder. Root cause: default credentials in the product’s default setup. Impact per NVD: conf...
CVE-2006-5568
CVE-2006-5568 affects FtpXQ Server 3.0.1, where a crafted long MKD command can cause CPU exhaustion leading to a denial of service. Root cause is input handling of MKD. No exploitation details are provided beyond this. Remediation: upgrade to 3.0.2 or newer (as indicated by the Nessus plugin “Ftp...