CVE-2009-5141 – WarFTPd 1.82.00-RC12 - 'LIST' Format String Denial of Service
https://notcve.org/view.php?id=CVE-2009-5141
Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command. Vulnerabilidad de formato de cadena en War FTP Daemon (warftpd) 1.82 RC 12 permite a usuarios remotos autenticados causar una denegación de servicio (caída) a través de especificadores de formato de cadena en un comando LIST. • https://www.exploit-db.com/exploits/9622 http://archives.neohapsis.com/archives/bugtraq/2009-09/0105.html http://www.exploit-db.com/exploits/9622 http://www.osvdb.org/62599 http://www.warftp.org/index.php?menu=338&cmd=show_article&article_id=1003 https://www.corelan.be/index.php/forum/security-advisories-archive-2009/corelan-09001-warftpd-1-82-rc12-dos • CWE-134: Use of Externally-Controlled Format String •
CVE-2013-2278
https://notcve.org/view.php?id=CVE-2013-2278
Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log." Vulnerabilidad no especificada en War FTP Daemon (warftpd) 1.82, cuando se ejecuta como un servicio de Windows, permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores desconocidos relacionados con mensajes de registro y el manejador de registro interno hacia el registro de Windows Event. • http://www.securityfocus.com/archive/1/525830 http://www.warftp.org/index.php?cmd=show_article&article_id=1035 •
CVE-2006-2171
https://notcve.org/view.php?id=CVE-2006-2171
Buffer overflow in WDM.exe in WarFTPD allows remote attackers to execute arbitrary code via unspecified arguments, as demonstrated by the Infigo FTPStress Fuzzer. Desbordamiento de búfer en WDM.exe en WarFTPD permite a atacantes remotos ejecutar código arbitrario a través de argumentos no especificados, según lo demostrado por el Infigo FTPStress Fuzzer. • http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html http://marc.info/?l=bugtraq&m=114658586018818&w=2 http://www.infigo.hr/en/in_focus/tools http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03 http://www.osvdb.org/25220 http://www.securityfocus.com/bid/17803 https://exchange.xforce.ibmcloud.com/vulnerabilities/26304 •
CVE-2000-0131 – Jgaa WarFTPd 1.66 x4s/1.67-3 - 'CWD/MKD' Denial of Service
https://notcve.org/view.php?id=CVE-2000-0131
Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. • https://www.exploit-db.com/exploits/19740 http://marc.info/?l=bugtraq&m=94960703721503&w=2 http://www.osvdb.org/4677 http://www.securityfocus.com/bid/966 •
CVE-2000-0044
https://notcve.org/view.php?id=CVE-2000-0044
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. • http://www.securityfocus.com/bid/919 •