luke mewburn vulnerabilities and exploits

(subscribe to this query)

605

VMScore

tnftpd prior to 20080929 splits large command strings into multiple commands, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks via unknown vectors, probably involving a crafted ftp:// link to a tnftpd server.

Luke Mewburn Tnftpd 20061217 Luke Mewburn Tnftpd 20040810 Luke Mewburn Tnftpd 20080609

454

VMScore

Multiple signal handler race conditions in lukemftpd (aka tnftpd prior to 20040810) allow remote authenticated malicious users to cause a denial of service or execute arbitrary code.

Luke Mewburn Lukemftp 1.1 Luke Mewburn Lukemftp 1.5 Luke Mewburn Tnftpd 2003-12-17

445

VMScore

The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / (slash) characters.

Luke Mewburn Tnftp 2003-08-25

668

VMScore

Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.

Kth Kth Kerberos 4 1.0.2 Kth Kth Kerberos 4 1.0.3 Kth Kth Kerberos 4 1.0.4 Kth Kth Kerberos 4 1.1.1 Luke Mewburn Lukemftp 1.5

668

VMScore

Buffer overflow in lukemftp FTP client in SuSE 6.4 up to and including 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.

Luke Mewburn Lukemftp Suse Suse Linux 8.0 Suse Suse Linux 6.4 Suse Suse Linux 7.0 Suse Suse Linux 7.1 Suse Suse Linux 7.2 Suse Suse Linux 7.3

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook