8 results (0.002 seconds)

CVSS: 4.0EPSS: 7%CPEs: 1EXPL: 3

Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command. Vulnerabilidad de formato de cadena en War FTP Daemon (warftpd) 1.82 RC 12 permite a usuarios remotos autenticados causar una denegación de servicio (caída) a través de especificadores de formato de cadena en un comando LIST. • https://www.exploit-db.com/exploits/9622 http://archives.neohapsis.com/archives/bugtraq/2009-09/0105.html http://www.exploit-db.com/exploits/9622 http://www.osvdb.org/62599 http://www.warftp.org/index.php?menu=338&cmd=show_article&article_id=1003 https://www.corelan.be/index.php/forum/security-advisories-archive-2009/corelan-09001-warftpd-1-82-rc12-dos • CWE-134: Use of Externally-Controlled Format String •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log." Vulnerabilidad no especificada en War FTP Daemon (warftpd) 1.82, cuando se ejecuta como un servicio de Windows, permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores desconocidos relacionados con mensajes de registro y el manejador de registro interno hacia el registro de Windows Event. • http://www.securityfocus.com/archive/1/525830 http://www.warftp.org/index.php?cmd=show_article&article_id=1035 •

CVSS: 4.0EPSS: 5%CPEs: 1EXPL: 2

War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated users to cause a denial of service via a large number of "%s" format strings in (1) CWD, (2) CDUP, (3) DELE, (4) NLST, (5) LIST, (6) SIZE, and possibly other commands. NOTE: it is possible that vector 1 is an off-by-one variant or incomplete fix of CVE-2005-0312. War FTP Daemon (WarFTPd) 1.82.00-RC11 permite a usuarios remotos autenticados provocar una denegación de servicio mediante un número grande de cadenas de formato "%s" en (1) CWD, (2) CDUP, (3) DELE, (4) NLST, (5) LIST, (6) SIZE, y posiblemente otros comandos. NOTA: es posible que el vector 1 sea una variante de superación de límite (off-by-one) o un arreglo incompleto de CVE-2005-0312. • https://www.exploit-db.com/exploits/2735 http://secunia.com/advisories/22755 http://securityreason.com/securityalert/1832 http://securitytracker.com/id?1017174 http://www.securityfocus.com/archive/1/450804/100/0/threaded http://www.securityfocus.com/bid/20944 http://www.vupen.com/english/advisories/2006/4398 https://exchange.xforce.ibmcloud.com/vulnerabilities/30077 • CWE-399: Resource Management Errors •

CVSS: 6.4EPSS: 3%CPEs: 3EXPL: 1

Buffer overflow in WDM.exe in WarFTPD allows remote attackers to execute arbitrary code via unspecified arguments, as demonstrated by the Infigo FTPStress Fuzzer. Desbordamiento de búfer en WDM.exe en WarFTPD permite a atacantes remotos ejecutar código arbitrario a través de argumentos no especificados, según lo demostrado por el Infigo FTPStress Fuzzer. • http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html http://marc.info/?l=bugtraq&m=114658586018818&w=2 http://www.infigo.hr/en/in_focus/tools http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03 http://www.osvdb.org/25220 http://www.securityfocus.com/bid/17803 https://exchange.xforce.ibmcloud.com/vulnerabilities/26304 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 1

Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. • https://www.exploit-db.com/exploits/19740 http://marc.info/?l=bugtraq&m=94960703721503&w=2 http://www.osvdb.org/4677 http://www.securityfocus.com/bid/966 •