6 matches found
CVE-1999-0887
The vulnerability CVE-1999-0887 affects the FTGate web interface server, where a remote attacker can read files via a directory traversal using "..". This is confirmed across multiple connected sources (Red Hat, CVE lists, NVD/NVD-derived entries). The underlying cause is a potential improper pat...
CVE-2005-4568
FTGate 4.4 (Build 4.4.000 Oct 26 2005) is affected by multiple format string vulnerabilities in both the POP3 and IMAP services. Specifically, remote attackers can trigger arbitrary code execution via format string specifiers in the POP3 commands (USER, PASS, TOP) and the IMAP commands (LIST, AUT...
CVE-2005-4567
CVE-2005-4567 describes multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology’s FTGate 4.4 (Build 4.4.000 Oct 26 2005). The issue arises from unsanitized input in web-accessible endpoints: index.fts via the href parameter, and /domains/index.fts, /config/licence.fts, and /confi...
CVE-2005-4569
CVE-2005-4569 : Concrete details exist in connected docs. FTGate Technology’s FTGate 4.4 (Build 4.4.000, Oct 26 2005) is affected by a stack-based buffer overflow in index.fts triggered by a long tzoffset value. The vulnerability allows remote attackers to execute arbitrary code on the affected s...
CVE-2005-3640
FTGate4 IMAP server (FTGate4, version 4.1) is affected by a remote buffer overflow in the IMAP handling logic (boundary errors in various IMAP commands, demonstrated with EXAMINE). The underlying cause is improper handling of long command arguments, enabling a remote attacker to potentially execu...
CVE-2000-1237
The CVE-2000-1237 entry concerns the POP3 server in FTGate. The vulnerability arises because the server returns an -ERR response after receiving an invalid USER command, which can be used by a remote attacker to enumerate valid usernames and facilitate brute-force password guessing. Affected comp...