Vulmon
pasv vulnerabilities and exploits
NA
CVE-2009-3364
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
Ftpshell Ftpshell 4.1
1 EDB exploit
NA
CVE-2007-3768
The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service (restart) via a malformed response to a PASV command.
Netwin Surgeftp
NA
CVE-1999-1148
FTP service in IIS 4.0 and previous versions allows remote malicious users to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.
Microsoft Internet Information Server
NA
CVE-2002-1943
SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request.
Safetp Safetp Server 1.46
1 EDB exploit
NA
CVE-2001-0702
Cerberus FTP 1.5 and previous versions allows remote malicious users to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command.
Grant Averett Ceberus Ftp Server 1.1
Grant Averett Ceberus Ftp Server 1.0
Grant Averett Ceberus Ftp Server 1.22
Grant Averett Ceberus Ftp Server 1.5
Grant Averett Ceberus Ftp Server 1.2
Grant Averett Ceberus Ftp Server 1.01
Grant Averett Ceberus Ftp Server 1.3
1 EDB exploit
NA
CVE-2002-0768
Buffer overflow in lukemftp FTP client in SuSE 6.4 up to and including 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
Luke Mewburn Lukemftp
Suse Suse Linux 7.2
Suse Suse Linux 8.0
Suse Suse Linux 7.0
Suse Suse Linux 7.1
Suse Suse Linux 6.4
Suse Suse Linux 7.3
NA
CVE-2007-4679
CFFTP in CFNetwork for Apple Mac OS X 10.4 up to and including 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.
Apple Mac Os X
NA
CVE-2002-0600
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.
Kth Kth Kerberos 4 1.0.3
Kth Kth Kerberos 4 1.0.2
Luke Mewburn Lukemftp 1.5
Kth Kth Kerberos 4 1.1.1
Kth Kth Kerberos 4 1.0.4
CVSSv3: 6.5
CVE-2021-40491
The ftp client in GNU Inetutils prior to 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.
Gnu Inetutils
Debian Debian Linux 10.0
NA
CVE-2000-0150
Check Point Firewall-1 allows remote malicious users to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Cisco Pix Firewall Software 4.1(6)
Cisco Pix Firewall Software 4.1(6b)
Cisco Pix Firewall Software 4.3
Cisco Pix Firewall Software 4.2(1)
Cisco Pix Firewall Software 4.4(4)
Cisco Pix Firewall Software 4.2(2)
Cisco Pix Firewall Software 5.0