Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ftp ftp pasv vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4643
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6)...
Coreftp Core Ftp 2.2
1 EDB exploit
7.5
CVSSv3
CVE-2024-0889
A vulnerability was found in Kmint21 Golden FTP Server 2.02b and classified as problematic. This issue affects some unknown processing of the component PASV Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been di...
Kmint21 Golden Ftp Server 2.02b
NA
CVE-2007-1563
The FTP protocol implementation in Opera 9.10 allows remote malicious users to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Opera Opera Browser 9.10
1 EDB exploit
NA
CVE-2000-1027
Cisco Secure PIX Firewall 5.2(2) allows remote malicious users to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established.
Cisco Pix Firewall Software 5.2
1 EDB exploit
NA
CVE-2007-1564
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Kde Konqueror 3.5.5
1 EDB exploit
NA
CVE-2007-1562
The FTP protocol implementation in Mozilla Firefox prior to 1.5.0.11 and 2.x prior to 2.0.0.3 allows remote malicious users to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in a...
Mozilla Firefox
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.10
1 EDB exploit
NA
CVE-2003-0558
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.
Leapware Leapftp 2.7.3.600
2 EDB exploits
3.7
CVSSv3
CVE-2020-8284
A malicious server can use the FTP PASV response to trick curl 7.73.0 and previous versions into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing p...
Haxx Curl
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Bootstrap Os -
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos 11.0.1
Apple Macos 11.1
Apple Macos 11.2
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Oracle Communications Cloud Native Core Policy 1.14.0
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
2 Github repositories
NA
CVE-2007-4679
CFFTP in CFNetwork for Apple Mac OS X 10.4 up to and including 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.
Apple Mac Os X
NA
CVE-2002-0768
Buffer overflow in lukemftp FTP client in SuSE 6.4 up to and including 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
Luke Mewburn Lukemftp
Suse Suse Linux 8.0
Suse Suse Linux 6.4
Suse Suse Linux 7.0
Suse Suse Linux 7.1
Suse Suse Linux 7.2
Suse Suse Linux 7.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »