RSS   Vulnerabilities for 'Blackmoon ftp server'   RSS

2003-05-21
 
CVE-2003-0343

 

 
BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "Account does not exist" error message when an invalid username is entered, which makes it easier for remote attackers to conduct brute force attacks.

 
2003-05-20
 
CVE-2003-0342

 

 
BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges.

 
2002-03-25
 
CVE-2002-0126

 

 
Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3) CWD.

 


Copyright 2024, cxsecurity.com

 

Back to Top