Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ftp ftp pasv vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-0076
Buffer overflow in wu-ftp from PASV command causes a core dump.
Washington University Wu-ftpd
NA
CVE-2002-1063
Thomas Hauck Jana Server 2.x up to and including 2.2.1, and 1.4.6 and previous versions, allows remote malicious users to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports.
T. Hauck Jana Web Server 1.0
T. Hauck Jana Web Server 1.45
T. Hauck Jana Web Server 1.46
T. Hauck Jana Web Server 2.0 Beta1
T. Hauck Jana Web Server 2.2.1
T. Hauck Jana Web Server 2.0
T. Hauck Jana Web Server 2.0 Beta2
NA
CVE-2009-3364
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
Ftpshell Ftpshell 4.1
1 EDB exploit
NA
CVE-1999-1148
FTP service in IIS 4.0 and previous versions allows remote malicious users to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.
Microsoft Internet Information Server
NA
CVE-2007-3768
The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service (restart) via a malformed response to a PASV command.
Netwin Surgeftp
NA
CVE-2002-1943
SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request.
Safetp Safetp Server 1.46
1 EDB exploit
NA
CVE-2002-1978
IPFilter 3.1.1 up to and including 3.4.28 allows remote malicious users to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if...
Darren Reed Ipfilter 3.1.3
Darren Reed Ipfilter 3.1.4
Darren Reed Ipfilter 3.1.5
Darren Reed Ipfilter 3.1.6
Darren Reed Ipfilter 3.2.18
Darren Reed Ipfilter 3.2.19
Darren Reed Ipfilter 3.2.2
Darren Reed Ipfilter 3.2.20
Darren Reed Ipfilter 3.3.13
Darren Reed Ipfilter 3.3.14
Darren Reed Ipfilter 3.3.15
Darren Reed Ipfilter 3.3.16
Darren Reed Ipfilter 3.3.9
Darren Reed Ipfilter 3.4.1
Darren Reed Ipfilter 3.4.10
Darren Reed Ipfilter 3.4.11
Darren Reed Ipfilter 3.4.23
Darren Reed Ipfilter 3.4.24
Darren Reed Ipfilter 3.4.25
Darren Reed Ipfilter 3.4.26
Darren Reed Ipfilter 3.4.27
Darren Reed Ipfilter 3.1.10
NA
CVE-2002-0600
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.
Kth Kth Kerberos 4 1.0.2
Kth Kth Kerberos 4 1.0.3
Kth Kth Kerberos 4 1.0.4
Kth Kth Kerberos 4 1.1.1
Luke Mewburn Lukemftp 1.5
6.5
CVSSv3
CVE-2021-40491
The ftp client in GNU Inetutils prior to 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.
Gnu Inetutils
Debian Debian Linux 10.0
NA
CVE-2007-1308
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote malicious users to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
Kde Konqueror 3.5.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »