CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 1CVE-2001-1501 – WU-FTPD 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPd 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion
https://notcve.org/view.php?id=CVE-2001-1501
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple (1) "*/..", (2) "*/.*", or (3) ".*./*?/" sequences in the argument. • https://www.exploit-db.com/exploits/20690 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000450 http://online.securityfocus.com/archive/1/169395 http://www.mandriva.com/security/advisories?name=MDKSA-2002:005 •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2001-1500
https://notcve.org/view.php?id=CVE-2001-1500
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000450 http://www.mandriva.com/security/advisories?name=MDKSA-2002:005 http://www.securityfocus.com/archive/1/212805 http://www.securityfocus.com/bid/3310 https://exchange.xforce.ibmcloud.com/vulnerabilities/7126 •