Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ftpd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45198
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) prior to 20231001 is also vulnerable.
Netbsd Tnftpd
Netbsd Ftpd
NA
CVE-2023-40303
GNU inetutils prior to 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before ...
Gnu Inetutils
445
VMScore
CVE-2021-40524
In Pure-FTPd prior to 1.0.50, an incorrect max_filesize quota mechanism in the server allows malicious users to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initia...
Pureftpd Pure-ftpd
445
VMScore
CVE-2010-4816
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
Openbsd Openbsd 4.6
Openbsd Openbsd 4.9
Openbsd Openbsd 6.3
Openbsd Openbsd 8.0
801
VMScore
CVE-2020-7468
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
Freebsd Freebsd 12.2
890
VMScore
CVE-2013-2512
The ftpd gem 0.2.1 for Ruby allows remote malicious users to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.
Ftpd Project Ftpd 0.2.1
445
VMScore
CVE-2020-35359
Pure-FTPd 1.0.48 allows remote malicious users to prevent legitimate server use by making enough connections to exceed the connection limit.
Pureftpd Pure-ftpd 1.0.48
454
VMScore
CVE-2020-1939
The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components and example programs. One of these, ftpd, had a NULL pointer dereference bug. The NuttX RTOS itself is not affected. Users of the optional ap...
Apache Nuttx
445
VMScore
CVE-2020-9274
An issue exists in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to acc...
Pureftpd Pure-ftpd
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Extra Packages For Enterprise Linux 7.0
Canonical Ubuntu Linux 16.04
445
VMScore
CVE-2020-9365
An issue exists in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.
Pureftpd Pure-ftpd 1.0.49
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »