Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ftp ftp pasv vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2014-4643
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6)...
Coreftp Core Ftp 2.2
1 EDB exploit
NA
CVE-2024-0889
A vulnerability was found in Kmint21 Golden FTP Server 2.02b and classified as problematic. This issue affects some unknown processing of the component PASV Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been di...
Kmint21 Golden Ftp Server 2.02b
685
VMScore
CVE-2007-1563
The FTP protocol implementation in Opera 9.10 allows remote malicious users to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Opera Opera Browser 9.10
1 EDB exploit
505
VMScore
CVE-2000-1027
Cisco Secure PIX Firewall 5.2(2) allows remote malicious users to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established.
Cisco Pix Firewall Software 5.2
1 EDB exploit
685
VMScore
CVE-2007-1562
The FTP protocol implementation in Mozilla Firefox prior to 1.5.0.11 and 2.x prior to 2.0.0.3 allows remote malicious users to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in a...
Mozilla Firefox
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.10
1 EDB exploit
685
VMScore
CVE-2007-1564
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Kde Konqueror 3.5.5
1 EDB exploit
760
VMScore
CVE-2003-0558
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.
Leapware Leapftp 2.7.3.600
2 EDB exploits
384
VMScore
CVE-2020-8284
A malicious server can use the FTP PASV response to trick curl 7.73.0 and previous versions into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing p...
Haxx Curl
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Bootstrap Os -
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos 11.0.1
Apple Macos 11.1
Apple Macos 11.2
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Oracle Communications Cloud Native Core Policy 1.14.0
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
2 Github repositories
668
VMScore
CVE-2002-0768
Buffer overflow in lukemftp FTP client in SuSE 6.4 up to and including 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
Luke Mewburn Lukemftp
Suse Suse Linux 8.0
Suse Suse Linux 6.4
Suse Suse Linux 7.0
Suse Suse Linux 7.1
Suse Suse Linux 7.2
Suse Suse Linux 7.3
231
VMScore
CVE-2007-4679
CFFTP in CFNetwork for Apple Mac OS X 10.4 up to and including 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.
Apple Mac Os X
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »