Show filters
76 Total Results
Displaying 51-60 of 76
Sort by:
Attacker Value
Unknown

CVE-2001-1193

Disclosure Date: December 13, 2001 (last updated February 22, 2025)
Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.
0
0
Attacker Value
Unknown

CVE-2001-0933

Disclosure Date: November 28, 2001 (last updated February 22, 2025)
Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:".
0
0
Attacker Value
Unknown

CVE-2001-0932

Disclosure Date: November 28, 2001 (last updated February 22, 2025)
Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.
0
0
Attacker Value
Unknown

CVE-2001-0934

Disclosure Date: November 28, 2001 (last updated February 22, 2025)
Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical path of the server root via the pwd command, which lists the full pathname.
0
0
Attacker Value
Unknown

CVE-2001-0931

Disclosure Date: November 28, 2001 (last updated February 22, 2025)
Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attackers to list or read arbitrary files and directories via a .. (dot dot) in (1) LS or (2) GET.
0
0
Attacker Value
Unknown

CVE-2001-0698

Disclosure Date: September 20, 2001 (last updated February 22, 2025)
Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command.
0
0
Attacker Value
Unknown

CVE-2001-0696

Disclosure Date: September 20, 2001 (last updated February 22, 2025)
NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con.
0
0
Attacker Value
Unknown

CVE-2001-0706

Disclosure Date: September 20, 2001 (last updated February 22, 2025)
Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
0
0
Attacker Value
Unknown

CVE-2001-0646

Disclosure Date: September 20, 2001 (last updated February 22, 2025)
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker to perform a denial of service (hang) by creating a directory name of a specific length.
0
0
Attacker Value
Unknown

CVE-2001-1111

Disclosure Date: September 12, 2001 (last updated February 22, 2025)
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.
0
0
View More Topics  < Previous  Next >