Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pureftpd pure-ftpd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-40524
In Pure-FTPd prior to 1.0.50, an incorrect max_filesize quota mechanism in the server allows malicious users to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initia...
Pureftpd Pure-ftpd
7.5
CVSSv3
CVE-2020-35359
Pure-FTPd 1.0.48 allows remote malicious users to prevent legitimate server use by making enough connections to exceed the connection limit.
Pureftpd Pure-ftpd 1.0.48
7.5
CVSSv3
CVE-2020-9274
An issue exists in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to acc...
Pureftpd Pure-ftpd
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Extra Packages For Enterprise Linux 7.0
Canonical Ubuntu Linux 16.04
7.5
CVSSv3
CVE-2020-9365
An issue exists in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.
Pureftpd Pure-ftpd 1.0.49
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2019-20176
In Pure-FTPd 1.0.49, a stack exhaustion issue exists in the listdir function in ls.c.
Pureftpd Pure-ftpd 1.0.49
Fedoraproject Fedora 30
Fedoraproject Fedora 31
9.8
CVSSv3
CVE-2017-12170
Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-r...
Pureftpd Pure-ftpd 1.0.46-1
Fedoraproject Fedora 27
Fedoraproject Fedora 26
NA
CVE-2011-3171
Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown...
Pureftpd Pure-ftpd 0.96
Pureftpd Pure-ftpd 0.99.4
Pureftpd Pure-ftpd 0.99.9
Pureftpd Pure-ftpd 0.99.2
Pureftpd Pure-ftpd 0.97.7
Pureftpd Pure-ftpd 0.95
Pureftpd Pure-ftpd 0.98.5
Pureftpd Pure-ftpd 0.98.4
Pureftpd Pure-ftpd 0.97.3
Pureftpd Pure-ftpd 0.97.4
Pureftpd Pure-ftpd 0.95.2
Pureftpd Pure-ftpd 0.91
Pureftpd Pure-ftpd 0.92
Pureftpd Pure-ftpd 0.97
Pureftpd Pure-ftpd 0.99
Pureftpd Pure-ftpd 1.0.15
Pureftpd Pure-ftpd 1.0.16
Pureftpd Pure-ftpd 1.0.2
Pureftpd Pure-ftpd 1.0.20
Pureftpd Pure-ftpd 1.0.8
Pureftpd Pure-ftpd 1.0.9
Pureftpd Pure-ftpd 0.98.3
NA
CVE-2011-0418
The glob implementation in Pure-FTPd prior to 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.
Pureftpd Pure-ftpd 1.0.15
Pureftpd Pure-ftpd 1.0.16a
Pureftpd Pure-ftpd 1.0.20
Pureftpd Pure-ftpd 1.0.21
Pureftpd Pure-ftpd 1.0.9
Pureftpd Pure-ftpd 1.0.8
Pureftpd Pure-ftpd 1.0.0
Pureftpd Pure-ftpd 0.99.9
Pureftpd Pure-ftpd 0.99.1
Pureftpd Pure-ftpd 0.99b
Pureftpd Pure-ftpd 1.0.12
Pureftpd Pure-ftpd 1.0.13a
Pureftpd Pure-ftpd 1.0.14
Pureftpd Pure-ftpd 1.0.18
Pureftpd Pure-ftpd 1.0.19
Pureftpd Pure-ftpd 1.0.28
Pureftpd Pure-ftpd 1.0.10
Pureftpd Pure-ftpd 1.0.2
Pureftpd Pure-ftpd 1.0.1
Pureftpd Pure-ftpd 0.99.1b
Pureftpd Pure-ftpd 0.99.1a
Pureftpd Pure-ftpd 0.98.7
1 EDB exploit
NA
CVE-2011-1575
The STARTTLS implementation in ftp_parser.c in Pure-FTPd prior to 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place,...
Pureftpd Pure-ftpd 1.0.16a
Pureftpd Pure-ftpd 1.0.14
Pureftpd Pure-ftpd 1.0.15
Pureftpd Pure-ftpd 1.0.20
Pureftpd Pure-ftpd 1.0.21
Pureftpd Pure-ftpd 1.0.10
Pureftpd Pure-ftpd 1.0.9
Pureftpd Pure-ftpd 1.0.2
Pureftpd Pure-ftpd 1.0.1
Pureftpd Pure-ftpd 0.99.1a
Pureftpd Pure-ftpd 0.99.1
Pureftpd Pure-ftpd 0.98.6
Pureftpd Pure-ftpd 0.98.5
Pureftpd Pure-ftpd 0.98pre2
Pureftpd Pure-ftpd 0.98pre1
Pureftpd Pure-ftpd 0.97.3
Pureftpd Pure-ftpd 0.97.2
Pureftpd Pure-ftpd 0.97pre1
Pureftpd Pure-ftpd 0.96.1
Pureftpd Pure-ftpd 0.95-pre3
Pureftpd Pure-ftpd 0.95-pre2
Pureftpd Pure-ftpd 0.95-pre1
NA
CVE-2011-0988
pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vec...
Novell Suse Linux 11
Pureftpd Pure-ftpd 1.0.22
Novell Suse Linux 10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started