CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2008-2779
https://notcve.org/view.php?id=CVE-2008-2779
Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. Vulnerabilidad de Salto de Directorio en GlobalSCAPE CuteFTP Home 8.2.0 Build0 2.26.2008.4 y CuteFTP Pro 8.2.0 Build 04.01.2008.1, permite en servidores FTP remotos crear y sobrescribir ficheros arbitrariamente mediante secuencias ..\ (punto punto barra invertida) en respuesta a comandos LIST, un problema relacionado con la CVE-2002-1345. NOTA: puede aprovecharse para ejecución de código escribiendo en el fichero de inicio. • http://secunia.com/advisories/29760 http://vuln.sg/cuteftp820-en.html http://www.securitytracker.com/id?1020113 http://www.vupen.com/english/advisories/2008/1653/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42633 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2006-1693
https://notcve.org/view.php?id=CVE-2006-1693
Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a denial of service (application crash) via a "custom command" with a long argument. • http://secunia.com/advisories/19547 http://www.globalscape.com/gsftps/history.asp http://www.osvdb.org/24451 http://www.securityfocus.com/bid/17398 https://exchange.xforce.ibmcloud.com/vulnerabilities/25665 •
CVSS: 10.0EPSS: 32%CPEs: 2EXPL: 3CVE-2005-1415 – GlobalScape Secure FTP Server - Input Overflow
https://notcve.org/view.php?id=CVE-2005-1415
Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command. • https://www.exploit-db.com/exploits/16703 https://www.exploit-db.com/exploits/975 http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0674.html http://www.cuteftp.com/gsftps/history.asp http://www.securityfocus.com/bid/13454 •
CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 3CVE-2004-2366 – GlobalScape Secure FTP Server 2.0 Build 03.11.2004.2 - Site Command Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-2366
Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument. • https://www.exploit-db.com/exploits/23839 http://secunia.com/advisories/11159 http://www.cuteftp.com/gsftps/history.asp http://www.securiteam.com/windowsntfocus/5KP0C20CAC.html http://www.securityfocus.com/bid/9904 https://exchange.xforce.ibmcloud.com/vulnerabilities/15511 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2004-1136
https://notcve.org/view.php?id=CVE-2004-1136
Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands. • http://marc.info/?l=bugtraq&m=110182983622642&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18309 •