CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 2CVE-2017-6880 – Cerberus FTP Server 8.0.10.3 - 'MLST' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2017-6880
17 Mar 2017 — Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command. Desbordamiento de búfer en Cerberus FTP Server 8.0.10.3 permite a atacantes remotos provocar una denegación de servicio (fallo del demonio) o posiblemente tener otro impacto no especificado a través de un comando largo MLST. • https://packetstorm.news/files/id/142502 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5930
https://notcve.org/view.php?id=CVE-2007-5930
10 Nov 2007 — Cross-site scripting (XSS) vulnerability in the web interface in Cerberus FTP Server before 2.46 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el interfaz web del servidor FTP Cerberus anterior al 2.46, permite a atacantes remotos la inyección de secuencias de comandos web o HTML de su elección a través de vectores sin especificar. • http://osvdb.org/38789 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1476
https://notcve.org/view.php?id=CVE-2003-1476
31 Dec 2003 — Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access. • http://www.cerberusftp.com/cerberus-releasenotes.htm#KnownIssues •