Lucene search
K
Vsftpd ProjectVsftpd

5 matches found

CVE
CVE
added 2022/03/23 12:0 a.m.3636 views

CVE-2021-3618

ALPACA (CVE-2021-3618) is an application-layer protocol content confusion attack affecting multiple assets (e.g., nginx, vsftpd, sendmail) where TLS servers configured for different protocols with compatible certificates can allow a MITM attacker to redirect subdomain traffic to another, potentia...

7.4CVSS7.5AI score0.02037EPSS
CVE
CVE
added 2019/11/27 8:36 p.m.3361 views

CVE-2011-2523

CVE-2011-2523 affects vsftpd 2.3.4, where a compromised distribution contained a backdoor that, when a login uses a username including :), opens a root shell on TCP port 6200. Public PoCs and exploits (e.g., OS command injection/backdoor modules) demonstrate remote command execution via the backd...

10CVSS9.3AI score0.96184EPSS
Web
CVE
CVE
added 2023/08/22 12:0 a.m.2049 views

CVE-2021-30047

CVE-2021-30047 affects vsftpd 3.0.3, where a denial-of-service condition can be triggered by a limited number of concurrent connections. The vulnerability arises in VSFTPD and is confirmed across multiple sources; Red Hat advisories indicate unpatched status for various RHEL versions, and Nessus ...

7.5CVSS7.3AI score0.03073EPSS
CVE
CVE
added 2015/01/28 11:0 a.m.1258 views

CVE-2015-1419

The CVE-2015-1419 vulnerability affects vsftpd 3.0.2 and earlier, enabling remote bypass of access restrictions via the deny_file parsing logic. The root cause is improper handling of the deny_file option, which could allow unauthorized access under certain conditions. Public references in the co...

5CVSS6.6AI score0.06725EPSS
CVE
CVE
added 2011/03/02 7:0 p.m.489 views

CVE-2011-0762

The CVE-2011-0762 issue affects vsftpd prior to a patched release, where the vsftpd GET path handling of glob patterns in STAT commands is flawed. The function vsf_filename_passes_filter in ls.c can be triggered by crafted glob expressions in STAT commands across multiple FTP sessions, enabling r...

4CVSS7.2AI score0.73946EPSS