3 results (0.022 seconds)

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply. Desbordamiento de buffer basado en pila en Core FTP anterior a 2.2 build 1785 permite a servidores remotos FTP ejecutar código arbitrario a través de un nombre de directorio manipulado en una respuesta de comando CWD. • http://osvdb.org/96314 http://secunia.com/advisories/53743 http://www.coreftp.com/forums/viewtopic.php?t=222102 http://www.securityfocus.com/bid/61786 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 7%CPEs: 1EXPL: 2

Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer basado en pila en Core FTP v2.1 build 1612 permite a atacantes remotos asistidos ejecutar código de su elección a través del un hostname largo en una entrada al servidor FTP en un archivo backup. NOTA: algunos de estos detalles han sido obtenidos a partir de información de terceros. • https://www.exploit-db.com/exploits/9815 http://osvdb.org/58385 http://secunia.com/advisories/36872 http://www.packetstormsecurity.org/0909-exploits/coreftp_local.py.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/53488 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1

Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. Vulnerabilidad de salto de directorio en Core FTP client 2.1 Build 1565 permite a servidores FTP remotos crear o sobrescribir ficheros de su elección a través de secuencias .. (punto punto) en respuesta a comandos LIST, una cuestión relacionada a CVE-2002-1345. • http://secunia.com/advisories/30389 http://vuln.sg/coreftp211565-en.html http://www.coreftp.com/forums/viewtopic.php?t=6078 http://www.securityfocus.com/bid/29362 http://www.vupen.com/english/advisories/2008/1643/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42605 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •