Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

core ftp core ftp 2.1 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2008-2519
Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writi...
Core Ftp Core Ftp 2.1
NA
CVE-2009-3484
Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote malicious users to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information.
Coreftp Core Ftp 2.1
NA
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote malicious users to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data...
Xmlsoft Libxml 1.8.17Xmlsoft Libxml2 2.5.11Xmlsoft Libxml2 2.6.9Xmlstarlet Command Line Xml Toolkit 0.9.1Xmlsoft Libxml2 2.6.11Xmlsoft Libxml2 2.6.12Xmlsoft Libxml2 2.6.13Xmlsoft Libxml2 2.6.14Xmlsoft Libxml2 2.6.6Xmlsoft Libxml2 2.6.7Xmlsoft Libxml2 2.6.8Redhat Fedora Core Core 2.0Trustix Secure Linux 2.0Trustix Secure Linux 2.1Ubuntu Ubuntu Linux 4.1
NA
CVE-2007-5300
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote malicious users to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some...
Wzdftpd Wzdftpd 0.8.0Wzdftpd Wzdftpd 0.8.2
5.9
CVSSv3
CVE-2022-32208
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
Haxx CurlFedoraproject Fedora 35Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Element Software -Netapp Clustered Data Ontap -Netapp Solidfire -Netapp Hci Management Node -Netapp Bootstrap Os -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Apple MacosSplunk Universal Forwarder 9.1.0Splunk Universal Forwarder
6.5
CVSSv3
CVE-2022-32206
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, a...
Haxx CurlFedoraproject Fedora 35Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Element Software -Netapp Clustered Data Ontap -Netapp Solidfire -Netapp Hci Management Node -Netapp Bootstrap Os -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Siemens Scalance Sc622-2c FirmwareSiemens Scalance Sc626-2c FirmwareSiemens Scalance Sc632-2c FirmwareSiemens Scalance Sc636-2c FirmwareSiemens Scalance Sc642-2c FirmwareSiemens Scalance Sc646-2c FirmwareSplunk Universal Forwarder 9.1.0Splunk Universal Forwarder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code executionCVE-2024-34909CVE-2024-3317SSTICVE-2024-3400CVE-2024-30051wirelessCVE-2024-4622CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook