
CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. • https://github.com/ycdxsb/Vuln/tree/main/FreeFTPd-Unquoted-Service-Path • CWE-428: Unquoted Search Path or Element

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 2

freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled). • https://github.com/killvxk/CVE-2019-19383 https://github.com/m0rph-1/CVE-2019-19383 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 10.0 • EPSS: 0% • CPEs: 11 • EXPL: 0

freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c. • http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0011.html • CWE-287: Improper Authentication

CVSS: 7.5 • EPSS: 68% • CPEs: 4 • EXPL: 4

Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string. • https://www.exploit-db.com/exploits/16462 https://www.exploit-db.com/exploits/16461 https://www.exploit-db.com/exploits/1787 http://marc.info/?l=full-disclosure&m=114764338702488&w=2 http://secunia.com/advisories/19845 http://secunia.com/advisories/19846 http://secunia.com/advisories/20136 http://securityreason.com/securityalert/901 http://www.kb.cert.org/vuls/id/477960 http://www.osvdb.org/25463 http://www.osvdb.org/25569 http://www.securityfocus.com/archive • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.8 • EPSS: 1% • CPEs: 1 • EXPL: 2

freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service (null dereference and crash) via a PORT command with missing arguments. • https://www.exploit-db.com/exploits/1339 http://secunia.com/advisories/17737 http://www.securityfocus.com/archive/1/417602/30/0/threaded http://www.securityfocus.com/bid/15557 http://www.vupen.com/english/advisories/2005/2580