Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbsd ftpd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-45198
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) prior to 20231001 is also vulnerable.
Netbsd Tnftpd
Netbsd Ftpd
NA
CVE-2011-0418
The glob implementation in Pure-FTPd prior to 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.
Pureftpd Pure-ftpd 0.97-final
Pureftpd Pure-ftpd 1.0.19
Pureftpd Pure-ftpd 1.0.10
Pureftpd Pure-ftpd 0.97pre1
Pureftpd Pure-ftpd 0.98-final
Pureftpd Pure-ftpd 0.95
Pureftpd Pure-ftpd 0.97pre4
Pureftpd Pure-ftpd 0.98.2a
Pureftpd Pure-ftpd 1.0.6
Pureftpd Pure-ftpd 0.97.3
Pureftpd Pure-ftpd 0.97pre3
Pureftpd Pure-ftpd 0.96.1
Pureftpd Pure-ftpd 1.0.15
Pureftpd Pure-ftpd 1.0.9
Pureftpd Pure-ftpd 0.97.7pre1
Pureftpd Pure-ftpd 0.97.5
Pureftpd Pure-ftpd 1.0.26
Pureftpd Pure-ftpd 0.95-pre3
Pureftpd Pure-ftpd 1.0.24
Pureftpd Pure-ftpd 0.98pre2
Pureftpd Pure-ftpd 0.99pre2
Pureftpd Pure-ftpd 0.97pre2
1 EDB exploit
NA
CVE-2010-2632
Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote malicious users to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that t...
Sun Sunos 5.8
Sun Sunos 5.10
Sun Sunos 5.9
Sun Sunos 5.11
1 EDB exploit
NA
CVE-2008-4247
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP command...
Netbsd Netbsd 4.0
Freebsd Freebsd 7.0
Openbsd Openbsd 4.3
1 EDB exploit
NA
CVE-2006-6652
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current prior to 20050914, NetBSD 2.* and 3.* prior to 20061203, and Apple Mac OS X prior to 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a lon...
Apple Mac Os X 10.4.3
Apple Mac Os X 10.2.5
Apple Mac Os X 10.2.7
Apple Mac Os X 10.0.2
Apple Mac Os X 10.2.8
Apple Mac Os X 10.2.1
Apple Mac Os X 10.3.1
Apple Mac Os X 10.3.5
Apple Mac Os X 10.4.1
Apple Mac Os X 10.1
Apple Mac Os X 10.0.1
Apple Mac Os X 10.4.10
Apple Mac Os X 10.0.3
Apple Mac Os X 10.4.9
Apple Mac Os X 10.1.4
Apple Mac Os X 10.2.4
Apple Mac Os X 10.4.7
Apple Mac Os X 10.4.4
Apple Mac Os X 10.3.2
Apple Mac Os X 10.2.2
Apple Mac Os X 10.0
Apple Mac Os X 10.3.7
2 EDB exploits
9.8
CVSSv3
CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow malicious users to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 up to and including 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buff...
Wuftpd Wu-ftpd
Redhat Wu Ftpd 2.6.1-16
Apple Mac Os X Server 10.2.6
Apple Mac Os X 10.2.6
Sun Solaris 9.0
Freebsd Freebsd
Netbsd Netbsd
Openbsd Openbsd
5 EDB exploits
NA
CVE-2002-2245
ftpd in NetBSD 1.5 up to and including 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session.
Netbsd Ftpd 1.5.3
Netbsd Ftpd 1.6
Netbsd Ftpd 1.5.2
Netbsd Ftpd 1.5.1
Netbsd Ftpd 1.5
NA
CVE-2001-0247
Buffer overflows in BSD-based FTP servers allows remote malicious users to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
Sgi Irix 6.5.6
Sgi Irix 6.5.3f
Sgi Irix 6.5.1
Sgi Irix 6.5.10
Sgi Irix 6.1
Sgi Irix 6.5.2m
Sgi Irix 6.5.3
Sgi Irix 6.5.3m
Sgi Irix 6.5.8
Sgi Irix 6.5.5
Sgi Irix 6.5.4
Sgi Irix 6.5.11
Sgi Irix 6.5.7
Mit Kerberos 5 1.2
Mit Kerberos 5 1.2.1
Mit Kerberos 5 1.2.2
Mit Kerberos 5 1.1.1
Freebsd Freebsd 3.1
Openbsd Openbsd 2.8
Freebsd Freebsd 2.2.5
Netbsd Netbsd 1.3
Netbsd Netbsd 1.5
3 EDB exploits
NA
CVE-2001-0053
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote malicious users to gain root privileges.
David Madore Ftpd-bsd 0.2.3
Openbsd Openbsd 2.8
Netbsd Netbsd 1.5
Netbsd Netbsd 1.4.2
Openbsd Openbsd 2.7
Openbsd Openbsd 2.4
Netbsd Netbsd 1.4
Openbsd Openbsd 2.6
Netbsd Netbsd 1.4.1
Openbsd Openbsd 2.5
2 EDB exploits
NA
CVE-2000-0574
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote malicious users to cause a denial of service or execute arbitr...
Washington University Wu-ftpd 2.4.2 Beta18
Washington University Wu-ftpd 2.4.2 Beta18 Vr14
Washington University Wu-ftpd 2.4.2 Vr17
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Washington University Wu-ftpd 2.5
Washington University Wu-ftpd 2.4.2 Vr16
Washington University Wu-ftpd 2.4.2 Beta18 Vr11
Washington University Wu-ftpd 2.4.2 Beta18 Vr6
Washington University Wu-ftpd 2.4.2 Beta1
Openbsd Ftpd 5.51
Washington University Wu-ftpd 2.4.2 Beta18 Vr4
Washington University Wu-ftpd 2.6
Washington University Wu-ftpd 2.4.2 Beta18 Vr12
Washington University Wu-ftpd 2.4.2 Beta18 Vr5
Washington University Wu-ftpd 2.4.2 Beta18 Vr13
Washington University Wu-ftpd 2.4.2 Beta18 Vr10
Washington University Wu-ftpd 2.4.2 Beta18 Vr15
Washington University Wu-ftpd 2.4.2 Beta18 Vr7
Openbsd Ftpd 5.60
Washington University Wu-ftpd 2.4.2 Beta18 Vr8
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »