Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbsd ftpd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2245
ftpd in NetBSD 1.5 up to and including 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.
Netbsd Ftpd 1.5.1
Netbsd Ftpd 1.5.2
Netbsd Ftpd 1.5.3
Netbsd Ftpd 1.6
Netbsd Ftpd 1.5
7.5
CVSSv3
CVE-2023-45198
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) prior to 20231001 is also vulnerable.
Netbsd Tnftpd
Netbsd Ftpd
9.8
CVSSv3
CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow malicious users to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 up to and including 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buff...
Wuftpd Wu-ftpd
Redhat Wu Ftpd 2.6.1-16
Apple Mac Os X Server 10.2.6
Apple Mac Os X 10.2.6
Sun Solaris 9.0
Freebsd Freebsd
Netbsd Netbsd
Openbsd Openbsd
5 EDB exploits
NA
CVE-2001-0053
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote malicious users to gain root privileges.
David Madore Ftpd-bsd 0.2.3
Openbsd Openbsd 2.6
Openbsd Openbsd 2.7
Netbsd Netbsd 1.4.2
Netbsd Netbsd 1.5
Openbsd Openbsd 2.4
Openbsd Openbsd 2.5
Netbsd Netbsd 1.4
Netbsd Netbsd 1.4.1
Openbsd Openbsd 2.8
2 EDB exploits
NA
CVE-2011-0418
The glob implementation in Pure-FTPd prior to 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.
Pureftpd Pure-ftpd 1.0.15
Pureftpd Pure-ftpd 1.0.16a
Pureftpd Pure-ftpd 1.0.20
Pureftpd Pure-ftpd 1.0.21
Pureftpd Pure-ftpd 1.0.9
Pureftpd Pure-ftpd 1.0.8
Pureftpd Pure-ftpd 1.0.0
Pureftpd Pure-ftpd 0.99.9
Pureftpd Pure-ftpd 0.99.1
Pureftpd Pure-ftpd 0.99b
Pureftpd Pure-ftpd 1.0.12
Pureftpd Pure-ftpd 1.0.13a
Pureftpd Pure-ftpd 1.0.14
Pureftpd Pure-ftpd 1.0.18
Pureftpd Pure-ftpd 1.0.19
Pureftpd Pure-ftpd 1.0.28
Pureftpd Pure-ftpd 1.0.10
Pureftpd Pure-ftpd 1.0.2
Pureftpd Pure-ftpd 1.0.1
Pureftpd Pure-ftpd 0.99.1b
Pureftpd Pure-ftpd 0.99.1a
Pureftpd Pure-ftpd 0.98.7
1 EDB exploit
NA
CVE-2000-0574
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote malicious users to cause a denial of service or execute arbitr...
Openbsd Ftpd 5.51
Washington University Wu-ftpd 2.4.2 Beta18 Vr7
Washington University Wu-ftpd 2.4.2 Beta18 Vr8
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Washington University Wu-ftpd 2.4.2 Vr16
Washington University Wu-ftpd 2.4.2 Vr17
Washington University Wu-ftpd 2.4.2 Beta18 Vr11
Washington University Wu-ftpd 2.4.2 Beta18 Vr12
Washington University Wu-ftpd 2.4.2 Beta18 Vr13
Washington University Wu-ftpd 2.4.2 Beta18 Vr14
Washington University Wu-ftpd 2.4.2 Beta1
Washington University Wu-ftpd 2.4.2 Beta18 Vr10
Washington University Wu-ftpd 2.4.2 Beta18 Vr15
Washington University Wu-ftpd 2.4.2 Beta18 Vr5
Washington University Wu-ftpd 2.5
Openbsd Ftpd 5.60
Washington University Wu-ftpd 2.4.2 Beta18
Washington University Wu-ftpd 2.4.2 Beta18 Vr4
Washington University Wu-ftpd 2.4.2 Beta18 Vr6
Washington University Wu-ftpd 2.6
1 EDB exploit
NA
CVE-2001-0247
Buffer overflows in BSD-based FTP servers allows remote malicious users to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
Mit Kerberos 5 1.2.1
Mit Kerberos 5 1.2.2
Sgi Irix 6.5.3
Sgi Irix 6.5.3f
Sgi Irix 6.5.1
Sgi Irix 6.5.10
Sgi Irix 6.5.5
Sgi Irix 6.5.6
Mit Kerberos 5 1.1.1
Sgi Irix 6.1
Sgi Irix 6.5.3m
Sgi Irix 6.5.4
Mit Kerberos 5 1.2
Sgi Irix 6.5.11
Sgi Irix 6.5.2m
Sgi Irix 6.5.7
Sgi Irix 6.5.8
Freebsd Freebsd 2.2
Freebsd Freebsd 3.1
Freebsd Freebsd 2.2.5
Freebsd Freebsd 2.2.6
Freebsd Freebsd 3.5
3 EDB exploits
NA
CVE-2008-4247
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP command...
Openbsd Openbsd 4.3
Freebsd Freebsd 7.0
Netbsd Netbsd 4.0
1 EDB exploit
NA
CVE-1999-0017
FTP servers can allow an malicious user to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
Gnu Inet 5.01
Gnu Inet 6.01
Washington University Wu-ftpd 2.4
Gnu Inet 6.02
Sun Sunos 5.5
Ibm Aix 4.3
Sco Open Desktop 3.0
Sun Sunos 5.3
Caldera Openlinux 1.2
Sun Sunos 4.1.4
Ibm Aix 4.2
Netbsd Netbsd 1.2.1
Freebsd Freebsd 2.1.7
Siemens Reliant Unix
Netbsd Netbsd 1.0
Sun Sunos 5.4
Freebsd Freebsd 1.1
Freebsd Freebsd 1.2
Freebsd Freebsd 2.1.0
Sun Sunos 4.1.3u1
Netbsd Netbsd 1.1
Netbsd Netbsd 1.2
NA
CVE-2000-0462
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
Netbsd Netbsd 1.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »