
CVSS: 7.5 | EPSS: 2% | CPEs: 1 | EXPL: 0

A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticate as arbitrary users. • http://secunia.com/advisories/14057 http://secunia.com/advisories/14097 http://securitytracker.com/id?1013037 http://www.gentoo.org/security/en/glsa/glsa-200502-02.xml http://www.kb.cert.org/vuls/id/702777 http://www.kb.cert.org/vuls/id/CRDY-68QSL5 http://www.mandriva.com/security/advisories?name=MDKSA-2005:026 http://www.redhat.com/support/errata/RHSA-2005-128.html http://www.securityfocus.com/bid/12391 https://oval.cisecurity.org/repository/search/definition/oval& •

CVSS: 7.2 | EPSS: 0% | CPEs: 23 | EXPL: 0

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. • http://marc.info/?l=bugtraq&m=108999466902690&w=2 http://secunia.com/advisories/11055 http://secunia.com/advisories/20168 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1 http://www.debian.org/security/2004/dsa-457 http://www.frsirt.com/english/advisories/2006/1867 http://www.redhat.com/support/errata/RHSA-2004-096.html http://www.securityfocus.com/bid/9832 https://exchange.xforce.ibmcloud.com/vulnerabilities/15423 https://oval.cisecurity.org/repository •

CVSS: 10.0 | EPSS: 7% | CPEs: 1 | EXPL: 1

Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name. • ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt http://www.debian.org/security/2004/dsa-457 http://www.redhat.com/support/errata/RHSA-2004-096.html http://www.securiteam.com/unixfocus/6X00Q1P8KC.html http://www.securityfocus.com/bid/8893 https://exchange.xforce.ibmcloud.com/vulnerabilities/13518 https://access.redhat.com/security/cve/CVE-2004-0185 https://bugzilla& •

CVSS: 9.3 | EPSS: 0% | CPEs: 2 | EXPL: 0

Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator. • http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html http://secunia.com/advisories/9835 http://securitytracker.com/id?1007775 http://www.osvdb.org/2594 http://www.securityfocus.com/bid/8668 http://www.slackware.org/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.365971 https://exchange.xforce.ibmcloud.com/vulnerabilities/13269 •

CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service. • ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch http://www.osvdb.org/34670 https://access.redhat.com/security/cve/CVE-2003-1329 https://bugzilla.redhat.com/show_bug.cgi?id=1617128 •