RSS   Vulnerabilities for 'Freeftpd'   RSS

2019-12-03
 
CVE-2019-19383

CWE-120
 

 
freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled).

 
2012-12-04
 
CVE-2012-6067

CWE-287
 

 
freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

 
2006-05-16
 
CVE-2006-2407

CWE-119
 

 
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.

 
2005-11-25
 
CVE-2005-3812

CWE-Other
 

 
freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service (null dereference and crash) via a PORT command with missing arguments.

 
2005-11-18
 
CVE-2005-3684

 

 
Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands.

 
 
CVE-2005-3683

 

 
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.

 


Copyright 2024, cxsecurity.com

 

Back to Top