CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-27052
https://notcve.org/view.php?id=CVE-2022-27052
FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. FreeFtpd versión 1.0.13 y anteriores, contiene una vulnerabilidad de ruta de servicio no citada que permite a usuarios locales lanzar procesos con altos privilegios • https://github.com/ycdxsb/Vuln/tree/main/FreeFTPd-Unquoted-Service-Path • CWE-428: Unquoted Search Path or Element •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2019-19383
https://notcve.org/view.php?id=CVE-2019-19383
freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled). freeFTPd versión 1.0.8, presenta un Desbordamiento de Búfer Post-Autenticación por medio de un comando SIZE diseñado (esto es explotable incluso si el registro está deshabilitado). • https://github.com/killvxk/CVE-2019-19383 https://github.com/m0rph-1/CVE-2019-19383 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2012-6067
https://notcve.org/view.php?id=CVE-2012-6067
freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c. freeFTPd.exe en freeFTPd hasta v1.0.11 permite a atacantes remotos evitar la autenticación a través de una sesión de SFTP manipulada, como lo demuestra un cliente OpenSSH con versiones modificadas de ssh.c y sshconnect2.c. • http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0011.html • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 1CVE-2005-3684 – freeFTPd 1.0.8 - 'USER' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-3684
Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands. • https://www.exploit-db.com/exploits/1330 http://marc.info/?l=full-disclosure&m=113222358007499&w=2 http://secunia.com/advisories/17624 http://www.osvdb.org/20909 http://www.securityfocus.com/bid/15486 http://www.vupen.com/english/advisories/2005/2471 https://exchange.xforce.ibmcloud.com/vulnerabilities/23118 •
CVSS: 7.5EPSS: 70%CPEs: 9EXPL: 3CVE-2005-3683 – freeFTPd 1.0 - 'Username' Remote Overflow
https://notcve.org/view.php?id=CVE-2005-3683
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command. • https://www.exploit-db.com/exploits/16707 https://www.exploit-db.com/exploits/1330 http://freeftpd.com/?ctt=changelog http://marc.info/?l=full-disclosure&m=113213763821294&w=2 http://marc.info/?l=full-disclosure&m=113216611924774&w=2 http://secunia.com/advisories/17583 http://securitytracker.com/id?1015230 http://www.osvdb.org/20909 http://www.securityfocus.com/bid/15457 http://www.vupen.com/english/advisories/2005/2458 https://exchange.xforce.ibmcloud.com/vulnera •