Page 50 of 256 results (0.011 seconds)

CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 3

CVE-2004-2532 – RhinoSoft Serv-U FTP Server 3.x < 5.x - Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2004-2532

Serv-U FTP server before 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command. • https://www.exploit-db.com/exploits/381 http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0216.html http://www.osvdb.org/8877 http://www.securityfocus.com/bid/10886 https://exchange.xforce.ibmcloud.com/vulnerabilities/16925 • CWE-255: Credentials Management Errors •

CVSS: 8.5EPSS: 97%CPEs: 8EXPL: 7

CVE-2004-2111 – RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Remote Overflow

https://notcve.org/view.php?id=CVE-2004-2111

Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. • https://www.exploit-db.com/exploits/149 https://www.exploit-db.com/exploits/23591 https://www.exploit-db.com/exploits/23592 https://www.exploit-db.com/exploits/822 https://www.exploit-db.com/exploits/18190 http://archives.neohapsis.com/archives/bugtraq/2004-01/0249.html http://marc.info/?l=bugtraq&m=107513654005840&w=2 http://securitytracker.com/id?1008841 http://www.securityfocus.com/bid/9483 http://www.securityfocus.com/bid/9675 https://exchange.xforce.ibmcloud • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 4%CPEs: 10EXPL: 2

CVE-2004-1675 – RhinoSoft Serv-U FTP Server < 5.2 - Remote Denial of Service

https://notcve.org/view.php?id=CVE-2004-1675

Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX. • https://www.exploit-db.com/exploits/463 http://marc.info/?l=bugtraq&m=109495074211638&w=2 http://secunia.com/advisories/12507 http://www.securityfocus.com/bid/11155 https://exchange.xforce.ibmcloud.com/vulnerabilities/17329 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 92%CPEs: 10EXPL: 4

CVE-2004-1992 – RhinoSoft Serv-U FTP Server 3.x/4.x/5.0 - 'LIST' Buffer Overflow

https://notcve.org/view.php?id=CVE-2004-1992

Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read. • https://www.exploit-db.com/exploits/24029 http://marc.info/?l=bugtraq&m=108360377119290&w=2 http://marc.info/?l=ntbugtraq&m=108359620108234&w=2 http://secunia.com/advisories/11430 http://securitytracker.com/id?1009869 http://www.osvdb.org/5546 http://www.securiteam.com/windowsntfocus/5ZP0G2KCKA.html http://www.securityfocus.com/bid/10181 https://exchange.xforce.ibmcloud.com/vulnerabilities/15913 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

CVE-2004-1852

https://notcve.org/view.php?id=CVE-2004-1852

DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information. • http://marc.info/?l=bugtraq&m=108016344224973&w=2 http://secunia.com/advisories/11205 http://securitytracker.com/id?1009557 http://www.dameware.com/support/security/bulletin.asp?ID=SB3 http://www.osvdb.org/4547 http://www.securityfocus.com/bid/9959 https://exchange.xforce.ibmcloud.com/vulnerabilities/15586 • CWE-319: Cleartext Transmission of Sensitive Information •