Lucene search
K
PsftpPsftpd

4 matches found

CVE
CVE
added 2017/11/15 4:0 p.m.58 views

CVE-2017-15272

CVE-2017-15272 concerns the PSFTPd Windows FTP Server (v10.0.4 Build 729). The server stores its configuration in PSFTPd.dat, an Access database that can be extracted. The data can be obtained even though the encrypt flag is set with the password “ITsILLEGAL,” because the password is not required...

5.3CVSS5.3AI score0.00561EPSS
CVE
CVE
added 2017/11/15 4:0 p.m.57 views

CVE-2017-15271

PSFTPd Windows FTP Server is affected by CVE-2017-15271 in the SFTP component (PSFTPd 10.0.4 Build 729). The issue is a use-after-free triggered remotely before authentication, due to a race condition in window message handling during cleanup of invalid connections, leading to a NULL pointer dere...

5.9CVSS5.4AI score0.08742EPSS
CVE
CVE
added 2017/11/15 4:0 p.m.56 views

CVE-2017-15269

The CVE-2017-15269 entry concerns PSFTPd Windows FTP Server 10.0.4 Build 729. The linked documents confirm the root cause: the server does not prevent FTP bounce scans by default, enabling an attacker to perform scans via the FTP server (e.g., using nmap -b). Reported impact includes facilitating...

4.3CVSS5AI score0.015EPSS
CVE
CVE
added 2017/11/15 4:0 p.m.56 views

CVE-2017-15270

CVE-2017-15270 affects PSFTPd Windows FTP Server 10.0.4 Build 729. The vulnerability is due to improper escaping of data when writing to CSV logs, allowing an attacker to hide data in the GUI and add arbitrary log entries via special characters (e.g., ") and commas. Connected sources also referen...

5.3CVSS5.2AI score0.06972EPSS