CVE-2024-1190 – Global Scape CuteFTP denial of service
https://notcve.org/view.php?id=CVE-2024-1190
A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. • https://fitoxs.com/vuldb/16-exploit-perl.txt https://vuldb.com/?ctiid.252680 https://vuldb.com/?id.252680 • CWE-404: Improper Resource Shutdown or Release •
CVE-2009-3483
https://notcve.org/view.php?id=CVE-2009-3483
Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing an entry with a long label. Desbordamiento de búfer basado en memoria dinámica -heap- en Create New Site feature en GlobalSCAPE CuteFTP Professional, Home, y Lite v8.3.3 y v8.3.3.0054 permite a atacantes remotos asistidos por el usuario causar una denegación de servicio (caída de memoria) o probablemente ejecutar código de su elección a a través de un sitio list contenido en una entrada con una etiqueta larga. • http://secunia.com/advisories/36874 http://www.osvdb.org/58387 http://www.packetstormsecurity.org/0909-exploits/Dr_IDE-CuteFTP_FTP_8.3.3-PoC.py.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/53487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-2779
https://notcve.org/view.php?id=CVE-2008-2779
Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. Vulnerabilidad de Salto de Directorio en GlobalSCAPE CuteFTP Home 8.2.0 Build0 2.26.2008.4 y CuteFTP Pro 8.2.0 Build 04.01.2008.1, permite en servidores FTP remotos crear y sobrescribir ficheros arbitrariamente mediante secuencias ..\ (punto punto barra invertida) en respuesta a comandos LIST, un problema relacionado con la CVE-2002-1345. NOTA: puede aprovecharse para ejecución de código escribiendo en el fichero de inicio. • http://secunia.com/advisories/29760 http://vuln.sg/cuteftp820-en.html http://www.securitytracker.com/id?1020113 http://www.vupen.com/english/advisories/2008/1653/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42633 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2004-1136
https://notcve.org/view.php?id=CVE-2004-1136
Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands. • http://marc.info/?l=bugtraq&m=110182983622642&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18309 •
CVE-2003-1259
https://notcve.org/view.php?id=CVE-2003-1259
Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0026.html http://www.iss.net/security_center/static/10984.php http://www.securityfocus.com/archive/1/325659 http://www.securityfocus.com/bid/6518 •