Page 2 of 10 results (0.004 seconds)

CVSS: 8.5EPSS: 97%CPEs: 8EXPL: 7

Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. • https://www.exploit-db.com/exploits/149 https://www.exploit-db.com/exploits/23591 https://www.exploit-db.com/exploits/23592 https://www.exploit-db.com/exploits/822 https://www.exploit-db.com/exploits/18190 http://archives.neohapsis.com/archives/bugtraq/2004-01/0249.html http://marc.info/?l=bugtraq&m=107513654005840&w=2 http://securitytracker.com/id?1008841 http://www.securityfocus.com/bid/9483 http://www.securityfocus.com/bid/9675 https://exchange.xforce.ibmcloud • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 4%CPEs: 10EXPL: 2

Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX. • https://www.exploit-db.com/exploits/463 http://marc.info/?l=bugtraq&m=109495074211638&w=2 http://secunia.com/advisories/12507 http://www.securityfocus.com/bid/11155 https://exchange.xforce.ibmcloud.com/vulnerabilities/17329 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 92%CPEs: 10EXPL: 4

Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read. • https://www.exploit-db.com/exploits/24029 http://marc.info/?l=bugtraq&m=108360377119290&w=2 http://marc.info/?l=ntbugtraq&m=108359620108234&w=2 http://secunia.com/advisories/11430 http://securitytracker.com/id?1009869 http://www.osvdb.org/5546 http://www.securiteam.com/windowsntfocus/5ZP0G2KCKA.html http://www.securityfocus.com/bid/10181 https://exchange.xforce.ibmcloud.com/vulnerabilities/15913 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 93%CPEs: 9EXPL: 7

Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command. • https://www.exploit-db.com/exploits/23760 https://www.exploit-db.com/exploits/23761 https://www.exploit-db.com/exploits/23762 https://www.exploit-db.com/exploits/158 https://www.exploit-db.com/exploits/23763 https://www.exploit-db.com/exploits/16715 http://marc.info/?l=bugtraq&m=107781164214399&w=2 http://www.cnhonker.com/advisory/serv-u.mdtm.txt http://www.securityfocus.com/bid/9751 https://exchange.xforce.ibmcloud.com/vulnerabilities/15323 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands. • http://archives.neohapsis.com/archives/bugtraq/2002-11/0109.html http://www.iss.net/security_center/static/10573.php http://www.securityfocus.com/bid/6112 • CWE-20: Improper Input Validation •