Page 3 of 17 results (0.011 seconds)

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply. Desbordamiento de buffer basado en pila en Core FTP anterior a 2.2 build 1785 permite a servidores remotos FTP ejecutar código arbitrario a través de un nombre de directorio manipulado en una respuesta de comando CWD. • http://osvdb.org/96314 http://secunia.com/advisories/53743 http://www.coreftp.com/forums/viewtopic.php?t=222102 http://www.securityfocus.com/bid/61786 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry. Múltiples desbordamientos de búfer en Core FTP Server, en versiones anteriores a la 1.2 build 508, permiten que usuarios locales obtengan privilegios mediante vectores relacionados con la lectura de datos de config.dat y el registro de Windows. • http://www.securityfocus.com/archive/1/531144/100/0/threaded https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1215 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 2

Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command. Vulnerabilidad de salto de directorio en Core FTP Server 1.2 anterior a build 515 permite a usuarios remotos autenticados determinar la existencia de archivos arbitrarios a través de una secuencia /../ en un comando XCRC. Core FTP Server version 1.2 suffers from denial of service race condition, password disclosure, and directory traversal vulnerabilities. • http://coreftp.com/forums/viewtopic.php?t=2985707 http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html http://seclists.org/fulldisclosure/2014/Feb/39 http://secunia.com/advisories/56850 http://www.osvdb.org/102967 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 2

Core FTP Server 1.2 before build 515 allows remote attackers to cause a denial of service (reachable assertion and crash) via an AUTH SSL command with malformed data, as demonstrated by pressing the enter key twice. Core FTP Server 1.2 anterior a build 515 permite a atacantes remotos causar una denegación de servicio (aserción alcanzable y caída) a través de un comando AUTH SSL con datos malformados, tal y como fue demostrado presionando la tecla ENTER dos veces. Core FTP Server version 1.2 suffers from denial of service race condition, password disclosure, and directory traversal vulnerabilities. • http://coreftp.com/forums/viewtopic.php?t=2985707 http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html http://seclists.org/fulldisclosure/2014/Feb/39 http://secunia.com/advisories/56850 http://www.osvdb.org/102966 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 2

Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read. Core FTP Server 1.2 anterior a build 515 permite a usuarios remotos autenticados obtener información sensible (contraseña para el usuario anterior) a través de un comando USER con una longitud especifica, posiblemente relacionado con una lectura fuera de rango. Core FTP Server version 1.2 suffers from denial of service race condition, password disclosure, and directory traversal vulnerabilities. • http://coreftp.com/forums/viewtopic.php?t=2985707 http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html http://seclists.org/fulldisclosure/2014/Feb/39 http://secunia.com/advisories/56850 http://www.osvdb.org/102968 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •